Fixed #33561 -- Allowed synchronization of user attributes in RemoteUserBackend.

2025-08-03 10:34:04 +00:00 · 2022-03-04 11:04:07 +01:00 · 2022-03-04 11:04:07 +01:00 · d90e34c61b
commit d90e34c61b
parent 67b5f506a6
6 changed files with 93 additions and 13 deletions
--- a/docs/ref/contrib/auth.txt
+++ b/docs/ref/contrib/auth.txt
@ -649,17 +649,27 @@ The following backends are available in :mod:`django.contrib.auth.backends`:
        information) prior to using it to get or create a user object. Returns
        the cleaned username.

-    .. method:: configure_user(request, user)
+    .. method:: configure_user(request, user, created=True)

-        Configures a newly created user.  This method is called immediately
-        after a new user is created, and can be used to perform custom setup
-        actions, such as setting the user's groups based on attributes in an
-        LDAP directory. Returns the user object.
+        Configures the user on each authentication attempt. This method is
+        called immediately after fetching or creating the user being
+        authenticated, and can be used to perform custom setup actions, such as
+        setting the user's groups based on attributes in an LDAP directory.
+        Returns the user object.
+
+        The setup can be performed either once when the user is created
+        (``created`` is ``True``) or on existing users (``created`` is
+        ``False``) as a way of synchronizing attributes between the remote and
+        the local systems.

        ``request`` is an :class:`~django.http.HttpRequest` and may be ``None``
        if it wasn't provided to :func:`~django.contrib.auth.authenticate`
        (which passes it on to the backend).

+        .. versionchanged:: 4.1
+
+            The ``created`` argument was added.
+
    .. method:: user_can_authenticate()

        Returns whether the user is allowed to authenticate. This method