diff options
Diffstat (limited to 'django/contrib/auth/handlers/modpython.py')
-rw-r--r-- | django/contrib/auth/handlers/modpython.py | 31 |
1 files changed, 18 insertions, 13 deletions
diff --git a/django/contrib/auth/handlers/modpython.py b/django/contrib/auth/handlers/modpython.py index e6719794a1..c7d921313d 100644 --- a/django/contrib/auth/handlers/modpython.py +++ b/django/contrib/auth/handlers/modpython.py @@ -22,6 +22,8 @@ def authenhandler(req, **kwargs): os.environ['DJANGO_SETTINGS_MODULE'] = settings_module from django.contrib.auth.models import User + from django import db + db.reset_queries() # check that the username is valid kwargs = {'username': req.user, 'is_active': True} @@ -30,18 +32,21 @@ def authenhandler(req, **kwargs): if superuser_only: kwargs['is_superuser'] = True try: - user = User.objects.get(**kwargs) - except User.DoesNotExist: - return apache.HTTP_UNAUTHORIZED - - # check the password and any permission given - if user.check_password(req.get_basic_auth_pw()): - if permission_name: - if user.has_perm(permission_name): - return apache.OK + try: + user = User.objects.get(**kwargs) + except User.DoesNotExist: + return apache.HTTP_UNAUTHORIZED + + # check the password and any permission given + if user.check_password(req.get_basic_auth_pw()): + if permission_name: + if user.has_perm(permission_name): + return apache.OK + else: + return apache.HTTP_UNAUTHORIZED else: - return apache.HTTP_UNAUTHORIZED + return apache.OK else: - return apache.OK - else: - return apache.HTTP_UNAUTHORIZED + return apache.HTTP_UNAUTHORIZED + finally: + db.connection.close() |