mirror of
				https://github.com/django/django.git
				synced 2025-10-25 06:36:07 +00:00 
			
		
		
		
	Fixed #2332 -- Introduced is_authenticated() method on User and AnonymousUser classes. Recommended its use over is_anonymous in the docs. Changed internal Django use to match this recommendation. Thanks to SmileyChris and Gary Wilson for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3360 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
		| @@ -20,9 +20,9 @@ | ||||
|         <div id="branding"> | ||||
|         {% block branding %}{% endblock %} | ||||
|         </div> | ||||
|         {% if not user.is_anonymous %}{% if user.is_staff %} | ||||
|         {% if user.is_authenticated and user.is_staff %} | ||||
|         <div id="user-tools">{% trans 'Welcome,' %} <strong>{% if user.first_name %}{{ user.first_name|escape }}{% else %}{{ user.username }}{% endif %}</strong>. {% block userlinks %}<a href="doc/">{% trans 'Documentation' %}</a> / <a href="password_change/">{% trans 'Change password' %}</a> / <a href="logout/">{% trans 'Log out' %}</a>{% endblock %}</div> | ||||
|         {% endif %}{% endif %} | ||||
|         {% endif %} | ||||
|         {% block nav-global %}{% endblock %} | ||||
|     </div> | ||||
|     <!-- END Header --> | ||||
|   | ||||
| @@ -46,7 +46,7 @@ def staff_member_required(view_func): | ||||
|     member, displaying the login page if necessary. | ||||
|     """ | ||||
|     def _checklogin(request, *args, **kwargs): | ||||
|         if not request.user.is_anonymous() and request.user.is_staff: | ||||
|         if request.user.is_authenticated() and request.user.is_staff: | ||||
|             # The user is valid. Continue to the admin page. | ||||
|             if request.POST.has_key('post_data'): | ||||
|                 # User must have re-authenticated through a different window | ||||
|   | ||||
| @@ -17,7 +17,7 @@ def user_passes_test(test_func, login_url=LOGIN_URL): | ||||
|         return _checklogin | ||||
|     return _dec | ||||
|  | ||||
| login_required = user_passes_test(lambda u: not u.is_anonymous()) | ||||
| login_required = user_passes_test(lambda u: u.is_authenticated()) | ||||
| login_required.__doc__ = ( | ||||
|     """ | ||||
|     Decorator for views that checks that the user is logged in, redirecting | ||||
|   | ||||
| @@ -126,6 +126,11 @@ class User(models.Model): | ||||
|         "Always returns False. This is a way of comparing User objects to anonymous users." | ||||
|         return False | ||||
|      | ||||
|     def is_authenticated(self): | ||||
|         """Always return True. This is a way to tell if the user has been authenticated in templates. | ||||
|         """ | ||||
|         return True | ||||
|  | ||||
|     def get_full_name(self): | ||||
|         "Returns the first_name plus the last_name, with a space in between." | ||||
|         full_name = '%s %s' % (self.first_name, self.last_name) | ||||
| @@ -293,3 +298,6 @@ class AnonymousUser(object): | ||||
|  | ||||
|     def is_anonymous(self): | ||||
|         return True | ||||
|      | ||||
|     def is_authenticated(self): | ||||
|         return False | ||||
|   | ||||
| @@ -2,10 +2,10 @@ | ||||
| {% if display_form %} | ||||
| <form {% if photos_optional or photos_required %}enctype="multipart/form-data" {% endif %}action="/comments/post/" method="post"> | ||||
|  | ||||
| {% if user.is_anonymous %} | ||||
| <p><label for="id_username">{% trans "Username:" %}</label> <input type="text" name="username" id="id_username" /><br />{% trans "Password:" %} <input type="password" name="password" id="id_password" /> (<a href="/accounts/password_reset/">{% trans "Forgotten your password?" %}</a>)</p> | ||||
| {% else %} | ||||
| {% if user.is_authenticated %} | ||||
| <p>{% trans "Username:" %} <strong>{{ user.username }}</strong> (<a href="/accounts/logout/">{% trans "Log out" %}</a>)</p> | ||||
| {% else %} | ||||
| <p><label for="id_username">{% trans "Username:" %}</label> <input type="text" name="username" id="id_username" /><br />{% trans "Password:" %} <input type="password" name="password" id="id_password" /> (<a href="/accounts/password_reset/">{% trans "Forgotten your password?" %}</a>)</p> | ||||
| {% endif %} | ||||
|  | ||||
| {% if ratings_optional or ratings_required %} | ||||
|   | ||||
| @@ -114,7 +114,7 @@ class CommentListNode(template.Node): | ||||
|         comment_list = get_list_function(**kwargs).order_by(self.ordering + 'submit_date').select_related() | ||||
|  | ||||
|         if not self.free: | ||||
|             if context.has_key('user') and not context['user'].is_anonymous(): | ||||
|             if context.has_key('user') and context['user'].is_authenticated(): | ||||
|                 user_id = context['user'].id | ||||
|                 context['user_can_moderate_comments'] = Comment.objects.user_is_moderator(context['user']) | ||||
|             else: | ||||
|   | ||||
| @@ -63,7 +63,7 @@ class PublicCommentManipulator(AuthenticationForm): | ||||
|                 validator_list=get_validator_list(8), | ||||
|             ), | ||||
|         ]) | ||||
|         if not user.is_anonymous(): | ||||
|         if user.is_authenticated(): | ||||
|             self["username"].is_required = False | ||||
|             self["username"].validator_list = [] | ||||
|             self["password"].is_required = False | ||||
|   | ||||
| @@ -15,7 +15,7 @@ def vote(request, comment_id, vote): | ||||
|     rating = {'up': 1, 'down': -1}.get(vote, False) | ||||
|     if not rating: | ||||
|         raise Http404, "Invalid vote" | ||||
|     if request.user.is_anonymous(): | ||||
|     if not request.user.is_authenticated(): | ||||
|         raise Http404, _("Anonymous users cannot vote") | ||||
|     try: | ||||
|         comment = Comment.objects.get(pk=comment_id) | ||||
|   | ||||
| @@ -22,7 +22,7 @@ def flatpage(request, url): | ||||
|     f = get_object_or_404(FlatPage, url__exact=url, sites__id__exact=settings.SITE_ID) | ||||
|     # If registration is required for accessing this page, and the user isn't | ||||
|     # logged in, redirect to the login page. | ||||
|     if f.registration_required and request.user.is_anonymous(): | ||||
|     if f.registration_required and not request.user.is_authenticated(): | ||||
|         from django.contrib.auth.views import redirect_to_login | ||||
|         return redirect_to_login(request.path) | ||||
|     if f.template_name: | ||||
|   | ||||
| @@ -20,7 +20,7 @@ def create_object(request, model, template_name=None, | ||||
|             the form wrapper for the object | ||||
|     """ | ||||
|     if extra_context is None: extra_context = {} | ||||
|     if login_required and request.user.is_anonymous(): | ||||
|     if login_required and not request.user.is_authenticated(): | ||||
|         return redirect_to_login(request.path) | ||||
|  | ||||
|     manipulator = model.AddManipulator(follow=follow) | ||||
| @@ -39,7 +39,7 @@ def create_object(request, model, template_name=None, | ||||
|             # No errors -- this means we can save the data! | ||||
|             new_object = manipulator.save(new_data) | ||||
|  | ||||
|             if not request.user.is_anonymous(): | ||||
|             if request.user.is_authenticated(): | ||||
|                 request.user.message_set.create(message="The %s was created successfully." % model._meta.verbose_name) | ||||
|  | ||||
|             # Redirect to the new object: first by trying post_save_redirect, | ||||
| @@ -86,7 +86,7 @@ def update_object(request, model, object_id=None, slug=None, | ||||
|             the original object being edited | ||||
|     """ | ||||
|     if extra_context is None: extra_context = {} | ||||
|     if login_required and request.user.is_anonymous(): | ||||
|     if login_required and not request.user.is_authenticated(): | ||||
|         return redirect_to_login(request.path) | ||||
|  | ||||
|     # Look up the object to be edited | ||||
| @@ -113,7 +113,7 @@ def update_object(request, model, object_id=None, slug=None, | ||||
|         if not errors: | ||||
|             object = manipulator.save(new_data) | ||||
|  | ||||
|             if not request.user.is_anonymous(): | ||||
|             if request.user.is_authenticated(): | ||||
|                 request.user.message_set.create(message="The %s was updated successfully." % model._meta.verbose_name) | ||||
|  | ||||
|             # Do a post-after-redirect so that reload works, etc. | ||||
| @@ -162,7 +162,7 @@ def delete_object(request, model, post_delete_redirect, | ||||
|             the original object being deleted | ||||
|     """ | ||||
|     if extra_context is None: extra_context = {} | ||||
|     if login_required and request.user.is_anonymous(): | ||||
|     if login_required and not request.user.is_authenticated(): | ||||
|         return redirect_to_login(request.path) | ||||
|  | ||||
|     # Look up the object to be edited | ||||
| @@ -180,7 +180,7 @@ def delete_object(request, model, post_delete_redirect, | ||||
|  | ||||
|     if request.method == 'POST': | ||||
|         object.delete() | ||||
|         if not request.user.is_anonymous(): | ||||
|         if request.user.is_authenticated(): | ||||
|             request.user.message_set.create(message="The %s was deleted." % model._meta.verbose_name) | ||||
|         return HttpResponseRedirect(post_delete_redirect) | ||||
|     else: | ||||
|   | ||||
| @@ -95,7 +95,11 @@ In addition to those automatic API methods, ``User`` objects have the following | ||||
| custom methods: | ||||
|  | ||||
|     * ``is_anonymous()`` -- Always returns ``False``. This is a way of | ||||
|       comparing ``User`` objects to anonymous users. | ||||
|       differentiating ``User`` and ``AnonymousUser`` objects. Generally, you | ||||
|       should prefer using ``is_authenticated()`` to this method. | ||||
|  | ||||
|     * ``is_authenticated()`` -- Always returns ``True``. This is a way to | ||||
|       tell if the user has been authenticated. | ||||
|  | ||||
|     * ``get_full_name()`` -- Returns the ``first_name`` plus the ``last_name``, | ||||
|       with a space in between. | ||||
| @@ -219,6 +223,7 @@ the ``django.contrib.auth.models.User`` interface, with these differences: | ||||
|  | ||||
|     * ``id`` is always ``None``. | ||||
|     * ``is_anonymous()`` returns ``True`` instead of ``False``. | ||||
|     * ``is_authenticated()`` returns ``False`` instead of ``True``. | ||||
|     * ``has_perm()`` always returns ``False``. | ||||
|     * ``set_password()``, ``check_password()``, ``save()``, ``delete()``, | ||||
|       ``set_groups()`` and ``set_permissions()`` raise ``NotImplementedError``. | ||||
| @@ -254,12 +259,12 @@ Once you have those middlewares installed, you'll be able to access | ||||
| ``request.user`` in views. ``request.user`` will give you a ``User`` object | ||||
| representing the currently logged-in user. If a user isn't currently logged in, | ||||
| ``request.user`` will be set to an instance of ``AnonymousUser`` (see the | ||||
| previous section). You can tell them apart with ``is_anonymous()``, like so:: | ||||
| previous section). You can tell them apart with ``is_authenticated()``, like so:: | ||||
|  | ||||
|     if request.user.is_anonymous(): | ||||
|         # Do something for anonymous users. | ||||
|     if request.user.is_authenticated(): | ||||
|         # Do something for authenticated users. | ||||
|     else: | ||||
|         # Do something for logged-in users. | ||||
|         # Do something for anonymous users. | ||||
|  | ||||
| .. _request objects: http://www.djangoproject.com/documentation/request_response/#httprequest-objects | ||||
| .. _session documentation: http://www.djangoproject.com/documentation/sessions/ | ||||
| @@ -323,19 +328,19 @@ The raw way | ||||
| ~~~~~~~~~~~ | ||||
|  | ||||
| The simple, raw way to limit access to pages is to check | ||||
| ``request.user.is_anonymous()`` and either redirect to a login page:: | ||||
| ``request.user.is_authenticated()`` and either redirect to a login page:: | ||||
|  | ||||
|     from django.http import HttpResponseRedirect | ||||
|  | ||||
|     def my_view(request): | ||||
|         if request.user.is_anonymous(): | ||||
|         if not request.user.is_authenticated(): | ||||
|             return HttpResponseRedirect('/login/?next=%s' % request.path) | ||||
|         # ... | ||||
|  | ||||
| ...or display an error message:: | ||||
|  | ||||
|     def my_view(request): | ||||
|         if request.user.is_anonymous(): | ||||
|         if not request.user.is_authenticated(): | ||||
|             return render_to_response('myapp/login_error.html') | ||||
|         # ... | ||||
|  | ||||
| @@ -439,7 +444,7 @@ For example, this view checks to make sure the user is logged in and has the | ||||
| permission ``polls.can_vote``:: | ||||
|  | ||||
|     def my_view(request): | ||||
|         if request.user.is_anonymous() or not request.user.has_perm('polls.can_vote'): | ||||
|         if not (request.user.is_authenticated() and request.user.has_perm('polls.can_vote')): | ||||
|             return HttpResponse("You can't vote in this poll.") | ||||
|         # ... | ||||
|  | ||||
| @@ -605,10 +610,10 @@ Users | ||||
| The currently logged-in user, either a ``User`` instance or an``AnonymousUser`` | ||||
| instance, is stored in the template variable ``{{ user }}``:: | ||||
|  | ||||
|     {% if user.is_anonymous %} | ||||
|         <p>Welcome, new user. Please log in.</p> | ||||
|     {% else %} | ||||
|     {% if user.is_authenticated %} | ||||
|         <p>Welcome, {{ user.username }}. Thanks for logging in.</p>     | ||||
|     {% else %} | ||||
|         <p>Welcome, new user. Please log in.</p> | ||||
|     {% endif %} | ||||
|  | ||||
| Permissions | ||||
|   | ||||
| @@ -106,12 +106,12 @@ All attributes except ``session`` should be considered read-only. | ||||
|     A ``django.contrib.auth.models.User`` object representing the currently | ||||
|     logged-in user. If the user isn't currently logged in, ``user`` will be set | ||||
|     to an instance of ``django.contrib.auth.models.AnonymousUser``. You | ||||
|     can tell them apart with ``is_anonymous()``, like so:: | ||||
|     can tell them apart with ``is_authenticated()``, like so:: | ||||
|  | ||||
|         if request.user.is_anonymous(): | ||||
|             # Do something for anonymous users. | ||||
|         else: | ||||
|         if request.user.is_authenticated(): | ||||
|             # Do something for logged-in users. | ||||
|         else: | ||||
|             # Do something for anonymous users. | ||||
|  | ||||
|     ``user`` is only available if your Django installation has the | ||||
|     ``AuthenticationMiddleware`` activated. For more, see | ||||
|   | ||||
		Reference in New Issue
	
	Block a user