Friday, May 29, 2015

Re: Help with customizing Django authentication

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJVaN+sAAoJEC0ft5FqUuEhyeAP/R2B+FBkk4+sO/sbnraBI2sD
f3KIJ4/lRCc6Ae7M70ME6c3lVTxlWO0+xESs95rV63pzD4s44q0v2o80L/44AC8D
xIh7Ye/O6Xq2a0A1kdPcnFaeT9YwTGdU7S6o3rsqm9G0CHi3DqFPm0enY+r7+qSy
JzYrhVNZJGzzrbFJyJiAHpgS2Vfz+7Bu+NcujkhkCApHy/T/arq8nsFsuFCfvASB
YBKCIlwGTgp9v5FQTVHQvtprBoR8GgB3kKG472rpKHaN1CUN+H62NOJsefVgUh/O
fiB4wJkuPRz5GYS53hFaDLpjFGnjO0Fq0/znKINzZaNNfu4QC99WSZFs7jn31BsG
wEKXKRhIMr1EhaXvBy4hb6IPqDg4vfEL8UzmRw0obkKw0upCiB/PQzXdyVHXsajX
oY3IFEFUkZkQ+dwncxPOYORY1aUbQf0xhK3NqyiQ3nKnH3+usmAmMDQn3F3TXEwE
Hp86nLXrQFf9E56azwyJ0ulXIY8hMXQLEK3V9L37Tqxm2CqyDtuniKVCKlm3SIIa
ySm9r+ak02cOQkMTh8eWFWOfS0PlDw+zXk2v7d2rDZhxDpvkEVUpynz3suiAP5ab
Ov6keO4+ve2VfmZm0CxmCZKFnEpwV4nypKRFFAxQiXPXTjzjpGm6MAibcFP82cjG
n+pBAdZkqgKr5OfuJM3T
=aY5c
-----END PGP SIGNATURE-----
Hello Carlos,

On 05/29/2015 03:19 PM, Carlos Ribas wrote:
> Hello,
>
> I have to confess that I did not understand your suggestion. How this
> will help me to reverse the logic of my system? I mean, instead of User
> with or without a profile (the Person class, in my case), I want a
> Person with or without a User.
>
> Thanks anyway
>
> Em quarta-feira, 27 de maio de 2015 12:54:59 UTC-3, Carlos Ribas escreveu:
>
> Hello All,
>
> I am currently extending the existing User model to store additional
> information. So, basically I have:
>
> # models.py
> class Person(models.Model):
> user = models.OneToOneField(User, verbose_name=_('User'))
> zipcode = models.CharField(_('Zip Code'), max_length=9,
> blank=True, null=True)
> street = models.CharField(_('Address'), max_length=255,
> blank=True, null=True)
> ...
>
> #admin.py
> class PersonAdmin(admin.StackedInline):
> model = Person
> ...
>
> class UserAdmin(UserAdmin):
> inlines = (PersonAdmin, )
> ...
>
> admin.site.unregister(User)
> admin.site.register(User, UserAdmin)
>
>
> The problem is that my system should be able to register a new
> person, but this person may not need an account on the system (I
> just need to have his/her information). Right now, I can not create
> a person without an account. Besides that, first_name and last_name
> fields are not in the person class.
>
> I am wondering what is the best solution for my case. Probably, I
> will need to move the first_name and last_name fields to the Person
> class, and to do that, I will have to create custom users, is that
> right?

Yes, the best solution for your case (and for all Django projects) is to
use a custom User model.

In order to have every User linked to a Person, but not all Persons
linked to Users, you need to place the OneToOneField on the User model
pointing to Person, rather than the other way around. And in order to do
that, you need to have control over the User model.

(You _could_ sort of do it without a custom User model by having a
ManyToMany relationship between User and Person, but that allows a wide
variety of situations you don't want to allow.)

> If that is the case, may I just copy and paste the lines shown here
> (https://github.com/django/django/blob/master/django/contrib/auth/models.py
> <https://github.com/django/django/blob/master/django/contrib/auth/models.py>)
> and remove the lines about first_name and last_name?

No, you should follow the documentation on custom User models.

You'll want to inherit from AbstractBaseUser instead of AbstractUser, so
as to not have first_name and last_name fields. You'll need to add the
PermissionsMixin and probably a few other fields (including a username
field). The docs should explain what you need to know.

Carl

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/5568DFAC.8020800%40oddbird.net.
For more options, visit https://groups.google.com/d/optout.

No comments:

Post a Comment