Add kwargs to backend's authenticate method so that multiple auth backends can be used at the same time #13
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This way, when using multiple authentication backends (ie, a custom django auth backend and custom Saml2Backend) and the first custom backend does not authenticate the user, this other backend can process the next authentication request attempt without crashing.
Collaborator
|
Thank you! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This way, when using multiple authentication backends (ie, a custom django auth backend and custom Saml2Backend) and the first custom backend does not authenticate the user, this other backend can process the next authentication request attempt without crashing.
For example: I have password auth backend and djangosaml2 backend for my site. A user wants to authenticate using password. Let's say the user cannot authenticate with password because of reasons (like... he is only allowed to log in through SSO and my custom auth backend checks for that).
When auth backends says no to password login, django tries djangosaml2 backend passing as kwargs the username and password. These are unexpected keyword arguments for djangosaml2 backend, but it should still be supported as **kwargs so that authentication does not blow up when using multiple backends.
If you look at the code for Auth.ModelBackend you will see that the authenticate method signature contains a **kwargs for this very reason.