lino.core.auth

This package contains code from django.contrib.auth which needed a little adaptation for Lino.

These objects are being managed automatically by Lino and basically as an application developer or system admin you don't need to care about them.

backends

This started as a copy of Django 1.11 django.contrib.auth.backends.

middleware

(This module's source code is available here.)

utils

Utilities for authentication.

(This module's source code is available here.)

Functions

_authenticate_with_backend(backend, ...)

_clean_credentials(credentials)

Cleans a dictionary of credentials of potentially sensitive info before sending to less secure functions.

_get_backends([return_tuples])

_get_user_session_key(request)

authenticate([request])

If the given credentials are valid, return a User object.

get_backends()

get_permission_codename(action, opts)

Returns the codename of the permission for the specified action.

get_user(request)

Returns the user model instance associated with the given request session.

get_user_model()

Returns the User model that is active in this project.

load_backend(path)

login(request, user[, backend])

Persist a user id and a backend in the request.

logout(request)

Removes the authenticated user's ID from the request and flushes their session data.

update_session_auth_hash(request, user)

Updating a user's password logs out all sessions for the user.

lino.core.auth.authenticate(request=None, **credentials)

If the given credentials are valid, return a User object.

lino.core.auth.login(request, user, backend=None)

Persist a user id and a backend in the request. This way a user doesn't have to reauthenticate on every request. Note that data set during the anonymous session is retained when the user logs in.

lino.core.auth.logout(request)

Removes the authenticated user's ID from the request and flushes their session data.

lino.core.auth.get_user_model()

Returns the User model that is active in this project.

lino.core.auth.get_user(request)

Returns the user model instance associated with the given request session. If no user is retrieved an instance of AnonymousUser is returned.

lino.core.auth.get_permission_codename(action, opts)

Returns the codename of the permission for the specified action.

lino.core.auth.update_session_auth_hash(request, user)

Updating a user's password logs out all sessions for the user.

This function takes the current request and the updated user object from which the new session hash will be derived and updates the session hash appropriately to prevent a password change from logging out the session from which the password was changed.