I got subdomains setup via django-subdomains and the django sites framework but I got problem and that is that I don't know how I can link Users to have access to only a certain subdomain. For example user1 from company1 only has acces to company1.arandomdomain.com
Found the answer here How to get unique users across multiple Django sites powered by the "sites" framework?
In short you have to write your own authentication backend to check for they condition you need to check. See docs here https://docs.djangoproject.com/en/1.7/topics/auth/customizing/#writing-an-authentication-backend
In my case I had to check first if the user is an admin so he/she can go and otherwise I had to check the userprofile which is linked a site and match that to the current site.
Related
I am building a django application in which user will be able to sign up or sign in only via their EBay account, no email/username or password required. I couldn't find any authentication library for EBay though there are many for google, facebook, twitter etc.
So I got the EBay part working. EBay basically returns (on consent of user) Email and a IEFS token which is unique to that user and wont change. I want to use those two fields only to create a authenticate user across whole application. I don't want username, emails, firstname, lastname or password that ships with django User model. The documentation is quite big and I am confused where to start, any proper suggestion will be big help. Thank you.
Here is a bit of insight, the code is yours to make :
You can extend the user model from Django and decide which field to use, you could for example create a Ebay ID field Abstract User
Once this is done you want to add the ebay ID to an user, just create an account with email and ID, the user won't need any more info
Finally allow user to connect only by email, either by overriding custom login from Django or using a package like Django Allauth
Please note that unless your site is accessible only by Ebay users, allowing user to connect with email/password is recommended.
It is perfectly doable, just make good use of the documentation
I'm currently developing 2 different sites at the same time: one of them is a heavily customized django-admin interface, and the other a "stand-alone" website that will share it's database with the previous one .
Even though they are related, I'd like my users not to loosely identify between the two sites : they are both able to be independant of the other.
However, a problem arises when someone is logged in the "admin" site : when they go to the other website, they are automatically logged. Won't happen the other way unless I allow it though, as the admin site requires special permissions in the User model.
I already created an UserProfile that can differentiate an user of one of the sites or of the both.
So, knowing all this, how can I make sure that the customers of the admin site don't get to be authenticated when in the other web site (without, of course, logging them out from the first one) ?
Thanks !
EDIT : To format it better, here is what I got , summed up :
One admin application / site Both running
One related application / site on same server,
sharing settings and urls.py
If some is logged in admin, I want to require them to create a new session to log on [related site] : this, without logging them off the admin site.
What changes should I do to this configuration to achieve this ?
Put different SESSION_COOKIE_DOMAIN and SESSION_COOKIE_NAME for each appication. Hope this solve your issue.
SESSION_COOKIE_DOMAIN = 'site1.com' #site2.com for other
SESSION_COOKIE_NAME = 'sid1' #sid2 for other
Disclaimer: I asked the question also at Google+, but I'm not sure how active the community there is
I'm struggling with Django CMS' permissions, and the documentation remains unclear for me.
I have the following requirements:
All CMS pages should be available only for authenticated users
Editing shall only be allowed to staff
Some pages should be only visible to a certain group
I don't find the way to achieve this. Could you point me to the right combination of settings?
Here are some more specific questions:
How does the "Login required" in the page permissions form relate to the other permissions you can set on the page?
If once set a view restriction for "this and all children", how can I remove it on a child page?
Why does CMS_PUBLIC_FOR not have a value for "Authenticated users"?
Is there a way to just restrict viewing of all CMS pages to authenticated users without restricting by a specific group?
Would be great if anyone had some hints.
Thanks!
I found a solution myself now:
First I wrote a custom middleware that redirects all requests to Django CMS pages to the login. Then, I removed the “can view pages” permission from all groups and all global permissions for non-staff.
Finally I removed all view restrictions on the page root and set them only on the particular pages which should be restricted.
If you are interested about some more findings in Django CMS' permissions: I blogged some thoughts about it here: http://blog.webrunners.de/2015/09/08/django-cms-permission-pitfalls/
I'm building a web application where I have 2 sets of users (students and teachers). Teachers should be able to create their account, create a page of their content. Students should be able to create an account to sign up for this content. I am currently using django-registration to handle registration but I am wondering what's the best way to handle these 2 sets of users and still be able to use the Django authentication framework? I have heard about having multiple profiles but would like some opinions.
Thanks!
You could use permissions. When they sign up if they're a Teacher give them content creation permissions. If they're a student they don't get the permissions.
In the user profile I would just have a field that says which type they are. Unless a lot of the data is different I wouldn't have two user profiles.
How can I create a single log-in and profile for a network of three sites using Django?
I have a network of three sites and instead of having the user create a profile at each of the three sites, I'd like the user to only need to register one time, and then be able to use all three.
Is there an elegant solution to this problem?
Let the sites share the databases. Hence they will have a common user table.
Take a look at the django sites framework: http://docs.djangoproject.com/en/dev/ref/contrib/sites/
Depends on your server(s).
Do all the sites have access to the same DB? Then use dcrodjer's answer.
If not, you can implement a OAuth style Single Signon Service, that the other sites authenticate against.
Ex:
site1.example.com
site2.example.com
site3.example.com
siteN.example.com
Would auth against oauth.example.com
If you can put those three sites into subdomains of a single domain, then I'm almost sure you can stick to what Django offers. What I'm writing about is something like this:
site1.mydomain.com
site2.mydomain.com
site3.mydomain.com
-- where login is implemented at mydomain.com.
Basically, mydomain.com should serve a small Django page that implements only the login form and maintains session for ".mydomain.com" domain (note the leading dot - it's required for the session to propagate to site1..3 subdomains). So if you log into mydomain.com, you're effectively logged into all three subsites.
And the easiest way to share server-side auth and session data is to make ubsites 1,2,3 use two databases, one small database shared with mydomain.com for auth and session data, and the other one specific to given site.