How does Django Admin Authentication work?

I've been looking at the codes for Django's Admin app to ident开发者_运维知识库ify how they perform blanket authentication check on the user for all of its views without any idea how it was done (Django beginner here).

For example, in Admin's sites.py there is the index view that that isn't called at all if the user is not authenticated. I'm aware that there is some pre-processing that occurs which results in login being called instead but I'm unable to identify the method that calls login.

Does anyone have any ideas on how a request flows for the Admin app?

Here's the relevant file -- django/contrib/admin/sites.py. In particular, look at the admin_view decorator on line 170 (this is where login is called) and the wrap decorator on line 211, the latter of which is applied on each view of the urlpatterns on line 217. (It's similar to how the login_required decorator from django.contrib.auth works).

Basically, every view is wrapped in a decorator that checks whether the user can access the admin site (line 147, request.user.is_active and request.user.is_staff -- note that if the user is not logged in, then request.user is an instance of AnonymousUser, for which is_active and is_staff are always False), and displays the login view if not.