hgolov hgolov - 1 month ago 20
Python Question

User has no attribute backend with custom auth backend, but I called authenticate

I create a custom authorization backend in a django project.

I subclassed the AuthenticationForm and overrode the clean method. The clean method calls the authenticate method from my auth backend, and my auth backend returns the authenticated user.

Settings:

AUTHENTICATION_BACKENDS = [
'django.contrib.auth.backends.ModelBackend',
'accounts.authentication_backend.MyAuthBackend',
]


However, I'm still getting the following error:

AttributeError: 'User' object has no attribute 'backend'

All the posts I've found for this error refer to django documentation that requires authenticating before calling login, but I did!

AuthBackend:

class MyAuthBackend(object):
supports_inactive_user = False

def authenticate(self, username=None, password=None, v_code=None):
print("****************\t\nin authenticate: tz:{}, phone:{}, code:{}\r\n********************".format(
username, password, v_code))
if not username or not password or not v_code:
return None
auth_response = MyUtilityClass.authenticateUser(password, username, v_code)

if auth_response['status_code'] != 200:
return None
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
user = User(username=username, password=phone)
user.save()
print ("about to return user:{}".format(user))
return user

def get_user(self, user_id):
try:
return User.objects.get(pk=user_id)
except User.DoesNotExist:
return None


AuthenticationForm

class MyAuthForm(AuthenticationForm):

username = forms.IntegerField(label=_("Teudat_Zehut"))
password = forms.CharField(label=_("Mobile_Phone"))
v_code = forms.CharField(label=_("Code"), required=True)

def clean(self):
user, created = User.objects.get_or_create(
username=self.cleaned_data['username'],
password=self.cleaned_data['password']
)

backend = MyAuthBackend()
self.user_cache = backend.authenticate(username=self.cleaned_data['username'],
password=self.cleaned_data['password'], v_code=self.cleaned_data['v_code'])
print("in clean wakeup auth, the user returned from authenticate:{}".format(self.user_cache))
if self.user_cache is None or not self.user_cache.is_active:
raise forms.ValidationError(_("Your username and password didn't match. Please try again"))
return self.cleaned_data


Stacktrace:

****************
in authenticate: tz:327184271, phone:0548409573, code:dsfersfef
********************
about to return user:327184271
in clean wakeup auth, the user returned from authenticate:327184271
Internal Server Error: /report/login/
Traceback (most recent call last):
File "C:\Users\user\Dropbox\virtualenvs\wakeup27\lib\site- packages\django\core
\handlers\base.py", line 149, in get_response
response = self.process_exception_by_middleware(e, request)
File "C:\Users\user\Dropbox\virtualenvs\wakeup27\lib\site-packages\django\core\handlers\base.py", line 147, in get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "C:\Users\user\Dropbox\virtualenvs\wakeup27\lib\site-packages\django\contrib\auth\views.py", line 49, in inner
return func(*args, **kwargs)
File "C:\Users\user\Dropbox\virtualenvs\wakeup27\lib\site-packages\django\views\decorators\debug.py", line 76, in sensitive_post_parameters_wrapper
return view(request, *args, **kwargs)
File "C:\Users\user\Dropbox\virtualenvs\wakeup27\lib\site-packages\django\utils\decorators.py", line 149, in _wrapped_view
response = view_func(request, *args, **kwargs)
File "C:\Users\user\Dropbox\virtualenvs\wakeup27\lib\site-packages\django\views\decorators\cache.py", line 57, in _wrapped_view_func
response = view_func(request, *args, **kwargs)
File "C:\Users\user\Dropbox\virtualenvs\wakeup27\lib\site-packages\django\contrib\auth\views.py", line 76, in login auth_login(request, form.get_user())
File "C:\Users\user\Dropbox\virtualenvs\wakeup27\lib\site-packages\django\contrib\auth\__init__.py", line 112, in login
request.session[BACKEND_SESSION_KEY] = user.backend
AttributeError: 'User' object has no attribute 'backend'

Answer

You shouldn't call your backend methods directly. Instead, use the functions defined in django.contrib.auth:

from django.contrib.auth import authenticate


class MyAuthForm(AuthenticationForm):
    ...
    def clean(self):
        ...
        self.user_cache = authenticate(username=self.cleaned_data['username'],
            password=self.cleaned_data['password'], v_code=self.cleaned_data['v_code'])
        ...

This will try each configured backend until authentication is successful.

Comments