On 9/30/06, Enrico <[EMAIL PROTECTED]> wrote:
>
> I can't imagine someone needing to authenticate a non-active user, and
> even if someone do, he'll be able to do it manually, or passing
> "is_active=False" to the authenticate method.
I can think of one obvious use case - notifying a user that th
Hi,
I agree. I'm just not so sure about the is_valid_user method, people
will have to start checking for this method instead of checking for an
existent user.
I can't imagine someone needing to authenticate a non-active user, and
even if someone do, he'll be able to do it manually, or passing
"i
> About this, I just thought that the authenticate method should require
> an active user. But it won't hurt to check myself or use the default
> AuthenticationForm.
This was my understanding as well, from reading the docs. I would consider
an "is_active = False" to be the same as user/password
Hi Russel,
Nice to see that my "report" was useful, I'll try to keep with the
pickyness then. :)
> This is a slightly different matter; is_authenticated() only validates
> that the user has provided a username and password that match.
About this, I just thought that the authenticate method shou
On 9/29/06, Enrico <[EMAIL PROTECTED]> wrote:
>
> I think he shouldn't be able to log in at all, instead of logging in
> and being able to do nothing.
That is my reading of the docs, too; I was a little surprised when
testing revealed that this wasn't the actual behaviour. I've just
committed r38
Hi Russel,
As I said, in my tests an inactive user with staff status could log
into the admin, but had no permissions even if he's a superuser.
I think he shouldn't be able to log in at all, instead of logging in
and being able to do nothing.
In the admin, he can't see nothing, but in other par
On 9/28/06, Enrico <[EMAIL PROTECTED]> wrote:
>
> Hi Waylan,
>
> Thanks for your help, the fog has gone now. :)
Just to further Waylan's comments:
The purpose of 'is_active' is to identify an 'active' user - that is,
a user whose account can still be used to log in.
This is an alternative to de
Hi Waylan,
Thanks for your help, the fog has gone now. :)
Maybe the docs should be a little clearer...
Regards.
Enrico
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group,
On 9/27/06, Enrico <[EMAIL PROTECTED]> wrote:
>
> Hi all,
>
> I got a little confused about the auth docs.
> Both is_staff and is_active designates that a user can log into the
> admin, so... what's the real difference?
My (limited) understanding is that a User who `is_active` is a user in
the sy
Hi all,
I got a little confused about the auth docs.
Both is_staff and is_active designates that a user can log into the
admin, so... what's the real difference?
I've made some tests combining active, staff and superuser:
- Only active: no login
- Only staff: login but no default permissions
-
10 matches
Mail list logo
