From a2d5ea626ec6aa4eab6b018c4bce58cb27e20676 Mon Sep 17 00:00:00 2001
From: Hasan Ramezani <hasan.r67@gmail.com>
Date: Wed, 10 Mar 2021 14:08:37 +0100
Subject: [PATCH] Refs #32508 -- Raised ImproperlyConfigured instead of using
 "assert" in middlewares.

---
 django/contrib/admindocs/middleware.py | 12 +++++++-----
 django/contrib/auth/middleware.py      | 14 ++++++++------
 tests/admin_docs/test_middleware.py    |  3 ++-
 tests/auth_tests/test_middleware.py    |  3 ++-
 4 files changed, 19 insertions(+), 13 deletions(-)

diff --git a/django/contrib/admindocs/middleware.py b/django/contrib/admindocs/middleware.py
index 4779db8366..cf8879d75a 100644
--- a/django/contrib/admindocs/middleware.py
+++ b/django/contrib/admindocs/middleware.py
@@ -1,4 +1,5 @@
 from django.conf import settings
+from django.core.exceptions import ImproperlyConfigured
 from django.http import HttpResponse
 from django.utils.deprecation import MiddlewareMixin
 
@@ -16,11 +17,12 @@ class XViewMiddleware(MiddlewareMixin):
         header indicating the view function. This is used to lookup the view
         function for an arbitrary page.
         """
-        assert hasattr(request, 'user'), (
-            "The XView middleware requires authentication middleware to be "
-            "installed. Edit your MIDDLEWARE setting to insert "
-            "'django.contrib.auth.middleware.AuthenticationMiddleware'."
-        )
+        if not hasattr(request, 'user'):
+            raise ImproperlyConfigured(
+                "The XView middleware requires authentication middleware to "
+                "be installed. Edit your MIDDLEWARE setting to insert "
+                "'django.contrib.auth.middleware.AuthenticationMiddleware'."
+            )
         if request.method == 'HEAD' and (request.META.get('REMOTE_ADDR') in settings.INTERNAL_IPS or
                                          (request.user.is_active and request.user.is_staff)):
             response = HttpResponse()
diff --git a/django/contrib/auth/middleware.py b/django/contrib/auth/middleware.py
index 5bd176ef69..1cd84f1cc9 100644
--- a/django/contrib/auth/middleware.py
+++ b/django/contrib/auth/middleware.py
@@ -14,12 +14,14 @@ def get_user(request):
 
 class AuthenticationMiddleware(MiddlewareMixin):
     def process_request(self, request):
-        assert hasattr(request, 'session'), (
-            "The Django authentication middleware requires session middleware "
-            "to be installed. Edit your MIDDLEWARE setting to insert "
-            "'django.contrib.sessions.middleware.SessionMiddleware' before "
-            "'django.contrib.auth.middleware.AuthenticationMiddleware'."
-        )
+        if not hasattr(request, 'session'):
+            raise ImproperlyConfigured(
+                "The Django authentication middleware requires session "
+                "middleware to be installed. Edit your MIDDLEWARE setting to "
+                "insert "
+                "'django.contrib.sessions.middleware.SessionMiddleware' before "
+                "'django.contrib.auth.middleware.AuthenticationMiddleware'."
+            )
         request.user = SimpleLazyObject(lambda: get_user(request))
 
 
diff --git a/tests/admin_docs/test_middleware.py b/tests/admin_docs/test_middleware.py
index 9f5f19fa32..5d737f1bfd 100644
--- a/tests/admin_docs/test_middleware.py
+++ b/tests/admin_docs/test_middleware.py
@@ -1,4 +1,5 @@
 from django.contrib.auth.models import User
+from django.core.exceptions import ImproperlyConfigured
 from django.test import override_settings
 
 from .tests import AdminDocsTestCase, TestDataMixin
@@ -54,5 +55,5 @@ class XViewMiddlewareTest(TestDataMixin, AdminDocsTestCase):
             "installed. Edit your MIDDLEWARE setting to insert "
             "'django.contrib.auth.middleware.AuthenticationMiddleware'."
         )
-        with self.assertRaisesMessage(AssertionError, msg):
+        with self.assertRaisesMessage(ImproperlyConfigured, msg):
             self.client.head('/xview/func/')
diff --git a/tests/auth_tests/test_middleware.py b/tests/auth_tests/test_middleware.py
index 565d0f7692..79856bb8b0 100644
--- a/tests/auth_tests/test_middleware.py
+++ b/tests/auth_tests/test_middleware.py
@@ -1,5 +1,6 @@
 from django.contrib.auth.middleware import AuthenticationMiddleware
 from django.contrib.auth.models import User
+from django.core.exceptions import ImproperlyConfigured
 from django.http import HttpRequest, HttpResponse
 from django.test import TestCase
 
@@ -38,5 +39,5 @@ class TestAuthenticationMiddleware(TestCase):
             "'django.contrib.sessions.middleware.SessionMiddleware' before "
             "'django.contrib.auth.middleware.AuthenticationMiddleware'."
         )
-        with self.assertRaisesMessage(AssertionError, msg):
+        with self.assertRaisesMessage(ImproperlyConfigured, msg):
             self.middleware(HttpRequest())