Orignially, we were logging in users by storing the user object in the session. But the Django auth system provides a login function, which makes the logged in user available from request.user, and provides easy tests to see if a user has been authenticated by the system.
We have some decorators which apply a consistent pattern of authentication checking to views and ajax endpoints. for ajax endpoints, we have the decorater @ajax_endpoint_login_required().
Task
The endpoint follow_post() uses the old style of authentication checking. It should be migrated to the new-style, by using the above-mentioned decorator.
We have a new notifications system for other types of content, like questions, letters, discussions, etc. This subscription mechanism for issues should be harmonized with the global subscription mechanism.
Intro
Orignially, we were logging in users by storing the user object in the session. But the Django auth system provides a login function, which makes the logged in user available from
request.user
, and provides easy tests to see if a user has been authenticated by the system.We have some decorators which apply a consistent pattern of authentication checking to views and ajax endpoints. for ajax endpoints, we have the decorater
@ajax_endpoint_login_required()
.Task
The endpoint
follow_post()
uses the old style of authentication checking. It should be migrated to the new-style, by using the above-mentioned decorator.