[PATCH 01/19] settings: Enable 'SessionAuthenticationMiddleware'

Stephen Finucane stephen at that.guru
Wed May 17 04:31:12 AEST 2017


On Wed, 2017-05-10 at 14:13 -0700, Sean Farley wrote:
> Stephen Finucane <stephen at that.guru> writes:
> 
> > On Wed, 2017-05-10 at 13:11 -0700, Sean Farley wrote:
> > > Stephen Finucane <stephen at that.guru> writes:
> > > 
> > > > This raises warnings for Django 1.8 and is mandatory in Django
> > > > 1.10. It
> > > > provides a helpful feature, invalidating a user's session when
> > > > their
> > > > password is changed, and can/should be enabled.
> > > > 
> > > > This resolves all issues with Django 1.8.
> > > > 
> > > > Signed-off-by: Stephen Finucane <stephen at that.guru>
> > > > ---
> > > >  patchwork/settings/base.py | 12 +++++++++---
> > > >  1 file changed, 9 insertions(+), 3 deletions(-)
> > > > 
> > > > diff --git a/patchwork/settings/base.py
> > > > b/patchwork/settings/base.py
> > > > index 5f6aebe..d82c41d 100644
> > > > --- a/patchwork/settings/base.py
> > > > +++ b/patchwork/settings/base.py
> > > > @@ -35,10 +35,16 @@ MIDDLEWARE_CLASSES = [
> > > >  ]
> > > >  
> > > >  if django.VERSION >= (1, 7):
> > > > -    MIDDLEWARE_CLASSES.append(
> > > > -        'django.contrib.admindocs.middleware.XViewMiddleware')
> > > > +    MIDDLEWARE_CLASSES += [
> > > > +        'django.contrib.auth.middleware.SessionAuthenticationM
> > > > iddl
> > > > eware',
> > > > +    ]
> > > > +
> > > > +if django.VERSION >= (1, 7):
> > > > +    MIDDLEWARE_CLASSES += [
> > > > +        'django.contrib.admindocs.middleware.XViewMiddleware'
> > > > +    ]
> > > 
> > > Should this be consolidated with the 'if django.VERSION >= (1,
> > > 7)'
> > > above?
> > 
> > I considered it, but decided to avoid doing so as it kind of hides
> > info. If you look at the whole file, you'll see the second
> > statement
> > has an else clause, which wouldn't be apply to the
> > 'SessionAuthenticationMiddleware'.
> > 
> > That was my thinking at least :)
> 
> Fair enough. A very minor nit anyways, so I'm fine with the whole
> thing (though I'm new here and still figuring out the process for the
> community) :-)

No problem :) Fwiw, you can reply with either 'Reviewed-by:', if you
reviewed a patch, 'Acked-by:', if you're a subject matter expert and
have reviewed a patch, or 'Tested-by:', if you've tested a patch in a
running system.

Cheers,
Stephen


More information about the Patchwork mailing list