24 lines
936 B
Python
24 lines
936 B
Python
from django.contrib.auth.backends import ModelBackend
|
|
from django.db.models import Q
|
|
from django.contrib.auth import get_user_model
|
|
|
|
UserModel = get_user_model()
|
|
|
|
|
|
class CustomBackend(ModelBackend):
|
|
def authenticate(self, request, username=None, password=None, **kwargs):
|
|
if username is None:
|
|
username = kwargs.get(UserModel.USERNAME_FIELD)
|
|
if username is None or password is None:
|
|
return
|
|
try:
|
|
user = UserModel._default_manager.get(
|
|
Q(username=username) | Q(phone=username) | Q(email=username))
|
|
except UserModel.DoesNotExist:
|
|
# Run the default password hasher once to reduce the timing
|
|
# difference between an existing and a nonexistent user (#20760).
|
|
UserModel().set_password(password)
|
|
else:
|
|
if user.check_password(password) and self.user_can_authenticate(user):
|
|
return user
|