AdventureLog/backend/server/users/backends.py

from django.contrib.auth.backends import ModelBackend
from allauth.socialaccount.models import SocialAccount
from allauth.account.auth_backends import AuthenticationBackend as AllauthBackend
from django.contrib.auth import get_user_model

User = get_user_model()

class NoPasswordAuthBackend(ModelBackend):
    def authenticate(self, request, username=None, password=None, **kwargs):
        # Handle allauth-specific authentication (like email login)
        allauth_backend = AllauthBackend()
        allauth_user = allauth_backend.authenticate(request, username=username, password=password, **kwargs)
        
        # If allauth handled it, check our password disable logic
        if allauth_user:
            has_social_accounts = SocialAccount.objects.filter(user=allauth_user).exists()
            if has_social_accounts and getattr(allauth_user, 'disable_password', False):
                return None
            if self.user_can_authenticate(allauth_user):
                return allauth_user
            return None
        
        # Fallback to regular username/password authentication
        if username is None or password is None:
            return None
        
        try:
            # Get the user first
            user = User.objects.get(username=username)
        except User.DoesNotExist:
            return None
        
        # Check if this user has social accounts and password is disabled
        has_social_accounts = SocialAccount.objects.filter(user=user).exists()
        
        # If user has social accounts and disable_password is True, deny password login
        if has_social_accounts and getattr(user, 'disable_password', False):
            return None
        
        # Otherwise, proceed with normal password authentication
        if user.check_password(password) and self.user_can_authenticate(user):
            return user
        
        return None
feat: Implement disable password authentication for users with social accounts 2025-03-16 21:49:00 -04:00			`from django.contrib.auth.backends import ModelBackend`
			`from allauth.socialaccount.models import SocialAccount`
Refactor authentication backends to enhance NoPasswordAuthBackend functionality; integrate Allauth for email login and improve password handling logic. 2025-05-28 12:21:43 -04:00			`from allauth.account.auth_backends import AuthenticationBackend as AllauthBackend`
			`from django.contrib.auth import get_user_model`

			`User = get_user_model()`
feat: Implement disable password authentication for users with social accounts 2025-03-16 21:49:00 -04:00
			`class NoPasswordAuthBackend(ModelBackend):`
			`def authenticate(self, request, username=None, password=None, **kwargs):`
Refactor authentication backends to enhance NoPasswordAuthBackend functionality; integrate Allauth for email login and improve password handling logic. 2025-05-28 12:21:43 -04:00			`# Handle allauth-specific authentication (like email login)`
			`allauth_backend = AllauthBackend()`
			`allauth_user = allauth_backend.authenticate(request, username=username, password=password, **kwargs)`

			`# If allauth handled it, check our password disable logic`
			`if allauth_user:`
			`has_social_accounts = SocialAccount.objects.filter(user=allauth_user).exists()`
			`if has_social_accounts and getattr(allauth_user, 'disable_password', False):`
			`return None`
Update backend/server/users/backends.py Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> 2025-05-31 21:08:09 -04:00			`if self.user_can_authenticate(allauth_user):`
			`return allauth_user`
			`return None`
Refactor authentication backends to enhance NoPasswordAuthBackend functionality; integrate Allauth for email login and improve password handling logic. 2025-05-28 12:21:43 -04:00
			`# Fallback to regular username/password authentication`
			`if username is None or password is None:`
feat: Implement disable password authentication for users with social accounts 2025-03-16 21:49:00 -04:00			`return None`

Refactor authentication backends to enhance NoPasswordAuthBackend functionality; integrate Allauth for email login and improve password handling logic. 2025-05-28 12:21:43 -04:00			`try:`
			`# Get the user first`
			`user = User.objects.get(username=username)`
			`except User.DoesNotExist:`
feat: Implement disable password authentication for users with social accounts 2025-03-16 21:49:00 -04:00			`return None`

Refactor authentication backends to enhance NoPasswordAuthBackend functionality; integrate Allauth for email login and improve password handling logic. 2025-05-28 12:21:43 -04:00			`# Check if this user has social accounts and password is disabled`
			`has_social_accounts = SocialAccount.objects.filter(user=user).exists()`

			`# If user has social accounts and disable_password is True, deny password login`
			`if has_social_accounts and getattr(user, 'disable_password', False):`
			`return None`

			`# Otherwise, proceed with normal password authentication`
			`if user.check_password(password) and self.user_can_authenticate(user):`
			`return user`

			`return None`