After discussing with Malcolm, added set_unusable_password() and has_usable_password() methods to the User object, plus tests and updated documentation
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5771 bcc190cf-cafb-0310-a4f2-bffc1f526a37
@@ -7,6 +7,8 @@ from django.utils.translation import ugettext_lazy as _
|
|||||||
import datetime
|
import datetime
|
||||||
import urllib
|
import urllib
|
||||||
|
|
||||||
|
UNUSABLE_PASSWORD = '!' # This will never be a valid hash
|
||||||
|
|
||||||
try:
|
try:
|
||||||
set
|
set
|
||||||
except NameError:
|
except NameError:
|
||||||
@@ -83,11 +85,14 @@ class Group(models.Model):
|
|||||||
return self.name
|
return self.name
|
||||||
|
|
||||||
class UserManager(models.Manager):
|
class UserManager(models.Manager):
|
||||||
def create_user(self, username, email, password):
|
def create_user(self, username, email, password=None):
|
||||||
"Creates and saves a User with the given username, e-mail and password."
|
"Creates and saves a User with the given username, e-mail and password."
|
||||||
now = datetime.datetime.now()
|
now = datetime.datetime.now()
|
||||||
user = self.model(None, username, '', '', email.strip().lower(), 'placeholder', False, True, False, now, now)
|
user = self.model(None, username, '', '', email.strip().lower(), 'placeholder', False, True, False, now, now)
|
||||||
user.set_password(password)
|
if password:
|
||||||
|
user.set_password(password)
|
||||||
|
else:
|
||||||
|
user.set_unusable_password()
|
||||||
user.save()
|
user.save()
|
||||||
return user
|
return user
|
||||||
|
|
||||||
@@ -179,6 +184,13 @@ class User(models.Model):
|
|||||||
return is_correct
|
return is_correct
|
||||||
return check_password(raw_password, self.password)
|
return check_password(raw_password, self.password)
|
||||||
|
|
||||||
|
def set_unusable_password(self):
|
||||||
|
# Sets a value that will never be a valid hash
|
||||||
|
self.password = UNUSABLE_PASSWORD
|
||||||
|
|
||||||
|
def has_usable_password(self):
|
||||||
|
return self.password != UNUSABLE_PASSWORD
|
||||||
|
|
||||||
def get_group_permissions(self):
|
def get_group_permissions(self):
|
||||||
"Returns a list of permission strings that this user has through his/her groups."
|
"Returns a list of permission strings that this user has through his/her groups."
|
||||||
if not hasattr(self, '_group_perm_cache'):
|
if not hasattr(self, '_group_perm_cache'):
|
||||||
@@ -268,7 +280,8 @@ class User(models.Model):
|
|||||||
return self._profile_cache
|
return self._profile_cache
|
||||||
|
|
||||||
class Message(models.Model):
|
class Message(models.Model):
|
||||||
"""The message system is a lightweight way to queue messages for given users. A message is associated with a User instance (so it is only applicable for registered users). There's no concept of expiration or timestamps. Messages are created by the Django admin after successful actions. For example, "The poll Foo was created successfully." is a message.
|
"""
|
||||||
|
The message system is a lightweight way to queue messages for given users. A message is associated with a User instance (so it is only applicable for registered users). There's no concept of expiration or timestamps. Messages are created by the Django admin after successful actions. For example, "The poll Foo was created successfully." is a message.
|
||||||
"""
|
"""
|
||||||
user = models.ForeignKey(User)
|
user = models.ForeignKey(User)
|
||||||
message = models.TextField(_('message'))
|
message = models.TextField(_('message'))
|
||||||
|
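Review bot: In `create_user`, the new `if password:` test sends an empty string down the same branch as `None`, so `create_user(name, email, '')` now stores the `'!'` sentinel rather than a hash of the blank string. That fails closed, which is the safer outcome, but it contradicts the docs added in this commit, which say an unusable password "isn't the same as having a blank string for a password". Either test `if password is not None:` or state in the docstring that a blank password is also stored as unusable. Separately, `has_usable_password()` compares against the sentinel exactly, so a row whose password column is empty still returns `True`; the method deserves a docstring saying that `True` means only "the sentinel is not set", not "a valid hash is stored". Indentation is lost in this rendering and the `User` class body continues outside these hunks.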
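--- /dev/null
+++ b/django/contrib/auth/tests.py
@@ -0,0 +1,19 @@
+"""
+>>> from models import User
+>>> u = User.objects.create_user('testuser', 'test@example.com', 'testpw')
+>>> u.has_usable_password()
+True
+>>> u.check_password('bad')
+False
+>>> u.check_password('testpw')
+True
+>>> u.set_unusable_password()
+>>> u.save()
+>>> u.check_password('testpw')
+False
+>>> u.has_usable_password()
+False
+>>> u2 = User.objects.create_user('testuser2', 'test2@example.com')
+>>> u2.has_usable_password()
+False
+"""
+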
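Review bot: The doctest only calls `check_password()` with `'testpw'` after `set_unusable_password()`, so nothing pins that the stored sentinel itself is rejected as a login value. Adding `>>> u.check_password('!')` with expected output `False` after the `u.save()` line would guard against a later change that compares the raw input to the stored field. An explicit `create_user('testuser3', 'test3@example.com', '')` case would also record whether a blank password is meant to end up unusable, which the current cases leave undecided.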
@@ -114,6 +114,17 @@ custom methods:
|
|||||||
string is the correct password for the user. (This takes care of the
|
string is the correct password for the user. (This takes care of the
|
||||||
password hashing in making the comparison.)
|
password hashing in making the comparison.)
|
||||||
|
|
||||||
|
* ``set_unusable_password()`` -- Marks the user as having no password set.
|
||||||
|
This isn't the same as having a blank string for a password.
|
||||||
|
``check_password()`` for this user will never return ``True``. Doesn't
|
||||||
|
save the ``User`` object.
|
||||||
|
|
||||||
|
You may need this if authentication for your application takes place
|
||||||
|
against an existing external source such as an LDAP directory.
|
||||||
|
|
||||||
|
* ``has_usable_password()`` -- Returns ``False`` if
|
||||||
|
``set_unusable_password()`` has been called for this user.
|
||||||
|
|
||||||
* ``get_group_permissions()`` -- Returns a list of permission strings that
|
* ``get_group_permissions()`` -- Returns a list of permission strings that
|
||||||
the user has, through his/her groups.
|
the user has, through his/her groups.
|
||||||
|
|
||||||
@@ -152,9 +163,11 @@ Manager functions
|
|||||||
|
|
||||||
The ``User`` model has a custom manager that has the following helper functions:
|
The ``User`` model has a custom manager that has the following helper functions:
|
||||||
|
|
||||||
* ``create_user(username, email, password)`` -- Creates, saves and returns
|
* ``create_user(username, email, password=None)`` -- Creates, saves and
|
||||||
a ``User``. The ``username``, ``email`` and ``password`` are set as
|
returns a ``User``. The ``username``, ``email`` and ``password`` are set
|
||||||
given, and the ``User`` gets ``is_active=True``.
|
as given, and the ``User`` gets ``is_active=True``.
|
||||||
|
|
||||||
|
If no password is provided, ``set_unusable_password()`` will be called.
|
||||||
|
|
||||||
See _`Creating users` for example usage.
|
See _`Creating users` for example usage.
|
||||||
|
|
||||||
|