How can I programmatically authenticate a user in Django?
There is no other way than "programmatically". Of course, this is documented.
from django.contrib.auth import authenticate, loginuser = authenticate(username=username, password=password)if user is not None: login(request, user)
Alsways be careful when programmatically logging users in, you might get the error ยดuser has no attribute "backend"
. You have to set the backend too if that has no happened previously. Project that uses this and some sample code:
def splash_register(request): if request.session.get('beta'): if request.method=='POST': userform=MyUserCreationForm(request.POST) if userform.is_valid(): #username of <30 char is required by Django User model. I'm storing username as a hash of user email user=userform.save(commit=False) user.username=hash(user.email) user.backend='django.contrib.auth.backends.ModelBackend' user.save() username=user.username password=str(userform.cleaned_data['password']) auth.login(request, user) request.session['first_visit']=True return HttpResponseRedirect("/") else: userform=MyUserCreationForm(request.POST) return render_to_response("website/splash_register.html", {'userform':userform}, context_instance=RequestContext(request)) return render_to_response("website/splash_register.html", context_instance=RequestContext(request)) else: return HttpResponseRedirect('/splash/')
The accepted answer definitely works but, I prefer to use the Django built in auth forms, like django.contrib.auth.forms.AuthenticationForm
Here is a snippet that shows the important part
form = AuthenticationForm(request, data=request.POST)if form.is_valid(): try: form.clean() except ValidationError: # handle error login(request, form.get_user())
The major difference in this approach is that AuthenticationForm.clean
method calls authentication
function for you and checks User.is_active
for you as well.