class PasswordChangeForm A form for allowing a user to change their password.

confirm_login_allowed(user) By default, AuthenticationForm rejects users whose is_active flag is set to False. You may override this behavior with a custom policy to determine which users can log in. Do this with a custom form that subclasses AuthenticationForm and overrides the confirm_login_allowed() method. This method should raise a ValidationError if the given user may not log in. For example, to allow all users to log in regardless of “active” status: from django.contrib.auth.forms imp

login_required(redirect_field_name='next', login_url=None) [source] As a shortcut, you can use the convenient login_required() decorator: from django.contrib.auth.decorators import login_required @login_required def my_view(request): ... login_required() does the following: If the user isn’t logged in, redirect to settings.LOGIN_URL, passing the current absolute path in the query string. Example: /accounts/login/?next=/polls/3/. If the user is logged in, execute the view normally. The

class AdminPasswordChangeForm A form used in the admin interface to change a user’s password. Takes the user as the first positional argument.

user_passes_test(test_func, login_url=None, redirect_field_name='next') [source] As a shortcut, you can use the convenient user_passes_test decorator which performs a redirect when the callable returns False: from django.contrib.auth.decorators import user_passes_test def email_check(user): return user.email.endswith('@example.com') @user_passes_test(email_check) def my_view(request): ... user_passes_test() takes a required argument: a callable that takes a User object and returns

class AuthenticationForm A form for logging a user in. Takes request as its first positional argument, which is stored on the form instance for use by sub-classes. confirm_login_allowed(user) By default, AuthenticationForm rejects users whose is_active flag is set to False. You may override this behavior with a custom policy to determine which users can log in. Do this with a custom form that subclasses AuthenticationForm and overrides the confirm_login_allowed() method. This method shoul

permission_required(perm, login_url=None, raise_exception=False) [source] It’s a relatively common task to check whether a user has a particular permission. For that reason, Django provides a shortcut for that case: the permission_required() decorator.: from django.contrib.auth.decorators import permission_required @permission_required('polls.can_vote') def my_view(request): ... Just like the has_perm() method, permission names take the form "<app label>.<permission codename&g

RemoteUserBackend.configure_user(user) Configures a newly created user. This method is called immediately after a new user is created, and can be used to perform custom setup actions, such as setting the user’s groups based on attributes in an LDAP directory. Returns the user object.

RemoteUserBackend.clean_username(username) Performs any cleaning on the username (e.g. stripping LDAP DN information) prior to using it to get or create a User object. Returns the cleaned username.

RemoteUserBackend.create_unknown_user True or False. Determines whether or not a User object is created if not already in the database. Defaults to True.