Can't run tests if not using AuthenticationMiddleware

Issue #11 resolved
Jonathan Scott
created an issue

After upgrading past 1.4.4 I can no longer run tests if I'm not using AuthenticationMiddleware.

{{{ $ python test ETraceback (most recent call last): File "", line 17, in <module> execute_manager(settings) File "/Users/jonny/Documents/programming/test/wazoku/wazoku-spotlight/spotlight/ve/lib/python2.7/site-packages/django/core/management/", line 438, in execute_manager utility.execute() File "/Users/jonny/Documents/programming/test/wazoku/wazoku-spotlight/spotlight/ve/lib/python2.7/site-packages/django/core/management/", line 379, in execute self.fetch_command(subcommand).run_from_argv(self.argv) File "/Users/jonny/Documents/programming/test/wazoku/wazoku-spotlight/spotlight/ve/lib/python2.7/site-packages/django/core/management/", line 191, in run_from_argv self.execute(args, options.dict) File "/Users/jonny/Documents/programming/test/wazoku/wazoku-spotlight/spotlight/ve/lib/python2.7/site-packages/django/core/management/", line 220, in execute output = self.handle(*args, options) File "/Users/jonny/Documents/programming/test/wazoku/wazoku-spotlight/spotlight/ve/lib/python2.7/site-packages/django/core/management/commands/", line 37, in handle failures = test_runner.run_tests(test_labels) File "/Users/jonny/Documents/programming/test/wazoku/wazoku-spotlight/spotlight/ve/lib/python2.7/site-packages/django/test/", line 360, in run_tests result = self.run_suite(suite) File "/Users/jonny/Documents/programming/test/wazoku/wazoku-spotlight/spotlight/ve/lib/python2.7/site-packages/django/test/", line 316, in run_suite return unittest.TextTestRunner(verbosity=self.verbosity, failfast=self.failfast).run(suite) File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/unittest/", line 151, in run test(result) File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/unittest/", line 65, in call return, **kwds) File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/unittest/", line 103, in run test(result) File "/Users/jonny/Documents/programming/test/wazoku/wazoku-spotlight/spotlight/ve/lib/python2.7/site-packages/django_webtest/", line 181, in call self._patch_settings() File "/Users/jonny/Documents/programming/test/wazoku/wazoku-spotlight/spotlight/ve/lib/python2.7/site-packages/django_webtest/", line 145, in _patch_settings self._setup_auth() File "/Users/jonny/Documents/programming/test/wazoku/wazoku-spotlight/spotlight/ve/lib/python2.7/site-packages/django_webtest/", line 155, in _setup_auth self._setup_auth_middleware() File "/Users/jonny/Documents/programming/test/wazoku/wazoku-spotlight/spotlight/ve/lib/python2.7/site-packages/django_webtest/", line 166, in _setup_auth_middleware 'django.contrib.auth.middleware.AuthenticationMiddleware') ValueError: 'django.contrib.auth.middleware.AuthenticationMiddleware' is not in list }}}

The 1.5 upgrade says "WebtestUserBackend is inserted after AuthenticationMiddleware, not to the end of middleware list (thanks bigkevmcd);" so I assume it's because it needs the AuthenticationMiddleware to be able to insert the WebtestUserBackend.

Comments (7)

  1. Mikhail Korobov repo owner
    • changed status to open

    Looks like a bug. We can fix it 3 ways in django-webtest:

    1. Don't add WebtestUserMiddleware if there is no AuthenticationMiddleware (but 'user' parameter won't work then);
    2. add AuthenticationMiddleware if it is not in middlewares (but this is not obvious and can change the way site work);
    3. document 'setup_auth=False' attribute in README.rst.

    I'm leaning towards (3) now because it is explicit. What do you think?

    This should work in your case:

    class MyTest(WebTest):
        setup_auth = False
        def test_foo(self):
             res =
  2. Jonathan Scott reporter

    3 seems good but it might not be obvious to people like me who didn't explicitly upgrade webtest (I was setting up a new machine and just used pip to install our (unversioned) requirements file). Is it inappropriate to make reference to setup_auth in the exception?

    Also, 1 would be the most backwards compatible (I think anyone using "user" without the AuthenticationMiddleware before would get errors anyway?)

  3. Mikhail Korobov repo owner

    Mentioning setup_auth flag in an exception is a good idea.

    (1) is not that good because in case of a subclass of AuthenticationMiddleware tests that worked with 1.4.4 may start failing with 1.5+. There is no strict requirement of AuthenticationMiddleware, something that adds 'user' attribute to request is enough.

    Out of curiosity, how does your tests work with 1.4.4 without AuthenticationMiddleware? Do you have another middleware that adds 'user' attribute to request? WebtestUserMiddleware itself should fail if there is no request.user (be it inserted at the end of middleware list or not):

            # AuthenticationMiddleware is required so that request.user exists.
            if not hasattr(request, 'user'):
                raise ImproperlyConfigured(
                    "The django-webtest auth middleware requires the"
                    " authentication middleware to be installed.  Edit your"
                    " MIDDLEWARE_CLASSES setting to insert"
                    " 'django.contrib.auth.middleware.AuthenticationMiddleware'"
                    " class.")
  4. Jonathan Scott reporter

    Good point re: (1)

    We do use a middleware which adds a 'user' to request, that's why we didn't get errors before.

    I think the best way to go is to just explicitly mention setup_auth.

  5. Mikhail Korobov repo owner

    Hmm, so 'user' parameter should be working in your case with 1.4.4.

    setup_auth=False will make it non-working.

    We can make a reference to setup_auth in middleware exception ("The django-webtest auth middleware requires the authentication middleware to be installed...") and add WebtestUserMiddleware to the end of middleware list if AuthenticationMiddleware is not found. This way auth will be working for custom auth middlewares and setup_auth will be mentioned if there is not auth middleware.

    What do you think?

  6. Jonathan Scott reporter

    setup_auth=False didn't seem to break it for me. I didn't write most of these tests so I'm guessing we've just never used anything which requires WebtestUserMiddleware.

    I think that is the best solution. Maintains backwards compatibility and gives instructions when things break.

  7. Log in to comment