(self, request, username=None, password=None, **kwargs)
| 63 | |
| 64 | @sensitive_variables("password") |
| 65 | def authenticate(self, request, username=None, password=None, **kwargs): |
| 66 | if username is None: |
| 67 | username = kwargs.get(UserModel.USERNAME_FIELD) |
| 68 | if username is None or password is None: |
| 69 | return |
| 70 | try: |
| 71 | user = UserModel._default_manager.get_by_natural_key(username) |
| 72 | except UserModel.DoesNotExist: |
| 73 | user = None |
| 74 | |
| 75 | if check_password_with_timing_attack_mitigation( |
| 76 | user, password |
| 77 | ) and self.user_can_authenticate(user): |
| 78 | return user |
| 79 | |
| 80 | @sensitive_variables("password") |
| 81 | async def aauthenticate(self, request, username=None, password=None, **kwargs): |
nothing calls this directly
no test coverage detected