Merged multi-auth branch to trunk. See the authentication docs for the ramifications of this change. Many, many thanks to Joseph Kocherhans for the hard work!

git-svn-id: http://code.djangoproject.com/svn/django/trunk@3226 bcc190cf-cafb-0310-a4f2-bffc1f526a37

django/contrib/auth/views.py

@@ -3,7 +3,6 @@ from django.contrib.auth.forms import PasswordResetForm, PasswordChangeForm
 from django import forms
 from django.shortcuts import render_to_response
 from django.template import RequestContext
-from django.contrib.auth.models import SESSION_KEY
 from django.contrib.sites.models import Site
 from django.http import HttpResponse, HttpResponseRedirect
 from django.contrib.auth.decorators import login_required
@@ -19,7 +18,8 @@ def login(request, template_name='registration/login.html'):
             # Light security check -- make sure redirect_to isn't garbage.
             if not redirect_to or '://' in redirect_to or ' ' in redirect_to:
                 redirect_to = '/accounts/profile/'
-            request.session[SESSION_KEY] = manipulator.get_user_id()
+            from django.contrib.auth import login
+            login(request, manipulator.get_user())
             request.session.delete_test_cookie()
             return HttpResponseRedirect(redirect_to)
     else:
@@ -33,8 +33,9 @@ def login(request, template_name='registration/login.html'):
 
 def logout(request, next_page=None, template_name='registration/logged_out.html'):
     "Logs out the user and displays 'You are logged out' message."
+    from django.contrib.auth import logout
     try:
-        del request.session[SESSION_KEY]
+        logout(request)
     except KeyError:
         return render_to_response(template_name, {'title': _('Logged out')}, context_instance=RequestContext(request))
     else: