I need a proper and detailed explanation and understanding of how Django content type model works and the use and purposes of generic relationships. I am trying to create an anonymous chatting app where users can come and register and other people can send them messages whether registered or not through a link the user created and they would not know who sent it.
Related
I am using django class based view for my web application. I using django auth class for user sign up and login. In my app, users can be off more than 3 types. Every type of user will have more or less different privilege in the type. I dont know how can I manage different type of users.
So I need advice how can I implement this.
I have a RestAPI created with the Django rest framework.
I need to create authentication for the API that will allow access on a predefined by the admin user name and password.
IS it possible with DRF?
Also, I want that every object created will be assigned to the user (which I guess includes using some kind of decorator in the view?)
DRF already ships with BasicAuthentication, which has the user send their username + password with each request. That sounds like what you want. (If it isn't, you can write your own Authentication class.)
To automagically assign created objects to the authenticated user, use CurrentUserDefault on the relevant User field.
I'm trying to build a Django website that will be maintained and used by university students mainly. I need to restrict access to a few pages for certain approved students, but it would be very unmaintainable if I needed to create a new Django user for every student that wants to log in. Luckily, the university provides an API to check whether a username/password combination is correct. So I had the idea to create an authentication model complementary to Django's model, where users' university account can get approved by an admin, after which it is a valid login to view certain pages.
So essentially, some users may use a Django account (if they're in charge for the content of the website), and other users may just log in to view some pages with their uni account. For the uni account, the minimum amount of info should be stored (in other words, only the username is really required to approve certain users).
I can't seem to figure out how to build such a system in Django. I cannot use the standard User object because it stores data that is completely redundant, and I cannot substitute the user model because that would only make things incredibly complex. It seems reasonable to forget the User model altogether, but Authenticate needs to return a valid user. This makes me wonder, can I create regular Django users with as little information filled in as possible (dummy data except for the username), and then authenticate them with the API? Probably, but that hardly seems like a good idea.
To authenticate users using the university API, all you need to do is to write an authentication backend. You can then create a local user for these uni users the first time they login, since there is only two required fields: username and password. You can use set_unusable_password() so check_password() for this user will never return True.
The Django admin system is tightly coupled to the Django User object
described at the beginning of this document. For now, the best way to
deal with this is to create a Django User object for each user that
exists for your backend (e.g., in your LDAP directory, your external
SQL database, etc.) You can either write a script to do this in
advance, or your authenticate method can do it the first time a user
logs in.
I am trying to build a django app with two types of users, public users that log in with facebook and enterprise users who log in with email/password. I currently am using allauth with a custom user model that lets public users log in with facebook but I am lost as to what approach I should take with creating this new enterprise user type.
There have been suggestions that I should subtype the custom user model such as in http://michalcodes4life.wordpress.com/2014/02/08/multiple-user-types-in-django-1-6/ however, this example does a poor job of showing how to integrate this with socialauth. How do I tell if the users logged in from the main page, which suggests I should make a public user, versus from the corporate log in, in which case I should make an enterprise user. How do I even specific two different reroutes depending on signup/login from different starting pages?
Other options like creating different UserProfile models seem to defeat the point of me making the custom user model to begin with. Also doesn't having a separate UserProfile model slow down DB searches? Also, I would still have to have two separate UserProfile types for public and enterprise users so I would still run into the same problem as with the first option so I might as well just subtype the custom users instead of adding to the mess with UserProfiles. Again, the problem of how to specify different redirects after signup and specify which type of user to create still exists.
The last option seems to be to use the admin system in Django for enterprise accounts. However, wouldn't this mean I would have to make the admin system UI presentable? Also, these enterprise accounts should not have access to the ability to edit users fields, so their permissions would be restricted to solely viewing public users on the site.
I'm using the authentication that ships with django, and as such, it comes with its own SQL table. I have a few more attributes I'd like to use with the User model that are custom to my app such as a user photo or a random user blob where users can type in notes.
what's the best way of extending the existing user table that ships with django's authentication/authorization modeling to allow for my custom fields?
Please see my (and others) answer to this question:
The other way to handle this is to do table inheritance on the User model and develop your own derived EnhancedUser model. Typically a custom wrapper backend is also written to make sure the auth subsystem returns the EnhancedUser model as well.
There's a very good blog post answer here.