Reputation: 5554
Some internals of Django auth middleware
In the django.contrib.auth middleware I see the code:
class AuthenticationMiddleware(object):
def process_request(self, request):
assert hasattr(request, 'session'), "requires session middleware"
request.__class__.user = LazyUser()
return None
Please avdise me why such a form request._ class _.user = LazyUser() used? Why not just request.user = LazyUser() ?
I know what _ class _ attribute means, but as I undersand direct assignment to instance variable will be better. Where I'm wrong?
Upvotes: 4
Views: 747
Answers (2)
Reputation: 17489
LazyUser is descriptor-class. According to documentation it can be only class attribute not instance one:
For instance,
a.xhas a lookup chain starting witha.__dict__['x'], thentype(a).__dict__['x'], and continuing through the base classes oftype(a)excluding metaclasses.
Upvotes: 9
Reputation: 156278
This is going to affect how requests are created. All such instances will have their user attribute as that particular LazuUser without the need to make that change after each individual request is instantiated.
Upvotes: -1
Related Questions
- Understanding AUTHENTICATION_BACKENDS
- Using middleware class for user authentication in Django project
- Token Based Authentication in latest Django
- How to use Basic HTTP Django Authorization middleware?
- Django custom middleware
- Django - AuthenticationMiddleware setting request.user
- django custom authentication backend with custom middleware (both username,password and token absed auth)
- What's the trick in Django's AuthenticationMiddleware
- Custom Auth backend with middleware
- Django 3rd Party Auth Systems