over 8 years ago
There are times when you are not worried about user authentication but still want to have each user sees only his/her stuff. Then you need a way to login a user without password, here is the solution posted on stackoverflow
Normally, when logging a user with password, authenticate() has to be called before login():
username = request.POST['username']
password = request.POST['password']
user = authenticate(username=username, password=password)
login(request, user)
What authenticate does is to add an attribute called backend with the value of the authentication backend, take a look at the line of the source code. The solution is to add this attribute yourself:
#assuming the user name is passed in via get
username = self.request.GET.get('username')
user = User.objects.get(username=username)
#manually set the backend attribute
user.backend = 'django.contrib.auth.backends.ModelBackend'
login(request, user)
That's it!
