Correctly set the authentication backend

2026-02-18 00:17:51 +01:00 · 2020-09-21 21:23:31 +02:00
parent a427a255b5
commit 59cb8d48e0
1 changed files with 3 additions and 5 deletions
--- a/wger/core/views/user.py
+++ b/wger/core/views/user.py
@@ -198,13 +198,11 @@ def trainer_login(request, user_pk):
            or user.has_perm('gym.manage_gyms')):
        own = True

-    # Note: it seems we have to manually set the authentication backend here
-    # - https://docs.djangoproject.com/en/1.6/topics/auth/default/#auth-web-requests
-    # - http://stackoverflow.com/questions/3807777/django-login-without-authenticating
+    # Note: when logging without authenticating, it is necessary to set the
+    # authentication backend
    if own:
        del(request.session['trainer.identity'])
-    user.backend = 'django.contrib.auth.backends.ModelBackend'
-    django_login(request, user)
+    django_login(request, user, 'django.contrib.auth.backends.ModelBackend')

    if not own:
        request.session['trainer.identity'] = orig_user_pk