There was a session at this year's djangocon about this very topic. You can see it on youtube at https://youtu.be/uLPZYuj7yTg
On Sunday, October 15, 2017 at 10:06:06 AM UTC-4, majvan wrote:
-- On Sunday, October 15, 2017 at 10:06:06 AM UTC-4, majvan wrote:
Hello,in my application I wanted different user types each having different authentication method.
I think to create authentication backend for each User model is possible.
The difficult part here is to create different user models. AFAIK, all the user classes have to be derived from AbstractBaseUser or its child. So I added this to the settings:AUTH_USER_MODEL = 'myauth.AuthBaseUser'So I wanted to create some AuthBaseUser class in my application which will contain all the common fields for different user types, but it will not represent any particular type of user.
The user types I have:
- Normal user (UUID, email, name, address, password)
- Remote application (UUID, name, generated random secret)
- (other type of remote application with different fields)
The authentication for the Normal user would be with webpage email + password The authentication for the Remote application would be with UUID + random secret with JSON to ask for the temporary token.
I tried to abstract the AuthBaseUser:class AuthBaseUser(AbstractBaseUser, PermissionsMixin): pk = models.UUIDField(primary_key=T#NOTE: no password field hererue , unique=True, default=uuid.uuid4, editable=False,) name = models.CharField(_('name'), max_length=128, blank=False) typ = models.CharField(max_length=16, choices=USER_TYPES, default='normaluser',) date_joined = models.DateTimeField(_('date joined'), auto_now_add=True, default=timezone.now) last_login = models.DateTimeField(_('last login'), auto_now_add=True) is_active = models.BooleanField(_('active'), default=True)Then I wanted to create a RemoteAppUser and NormalUser with 1:1 mapping like this:class NormalUser(AuthBaseUser): user = models.OneToOneField(AuthBaseUser , on_delete=models.CASCADE) email = models.EmailField(_('email address'), unique=True) is_superuser = models.BooleanField(_('superuser' ), default=True) #password = #not decided yet what to add here; for remote app we will have 256b of SHA256's random generated value EMAIL_FIELD = 'email' REQUIRED_FIELDS = AuthBaseUser.REQUIRED_FIELDS.append (['email', 'password', ]) objects = NormalUserManager() def __init__(self, *args, **kwargs): super(AuthBaseUser, self).__init__(*args, **kwargs) def __str__(self): return self.get_username() def get_full_name(self): return self.get_username() def get_short_name(self): return self.get_username()Is there any recommended way to handle such different users? Note that for example I would like store the RemoteApp's secret as SHA256, but I do not need to run the permutations several times with seed etc.
Thanks,
jv
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/300217a9-278d-4418-9795-a0c0ff7eaa87%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
No comments:
Post a Comment