I want port some my Python scripts into web apps so that others can use it and I'll use some sort of web framework. I've been playing around with Django lately but it doesn't have the basic user registration, email verification stuff built in and one would probably end up using django-registration.
Almost all web applications require you to create an account, verify your account by clicking that verification link in your account and so on. One would save a lot of time if he could just skip past the part of setting up authentication, verification, the usual log-in and log-out pages and get to part of doing the "core" part.
Has anyone come across a pre-configured Python web-framework (Django would be nice) that does the all usual basic stuff? Django has that contrib.auth bit you can add django-registration
(I hope this question sounds reasonable.)
Thanks.
Take a look at Pinax ( http://pinaxproject.com/ ), which consists of a set of Django apps that take care of some of the most common tasks. Including the user registration one you outlined.
However, this is actually not very difficult to build. You are right, most sides need it, but implementing it even from scratch is pretty easy.
web2py take a look at Access Control Chapter in http://web2py.com/book
Related
I am currently developing my first more complex Web Application and want to ask for directions from more experienced Developers.
First I want to explain the most important requirements.
I want to develop a Web App (no mobile apps or desktop apps) and want to use as much django as possible. Because I am comfortable with the ecosystem right now and don't have that much time to learn something new that is too complex. I am inexperienced in the Javascript World, but I am able to do a little bit of jQuery.
The idea is to have one database and many different Frontends that are branded differently and have different users and administrators. So my current approach is to develop a Backend with Django and use Django Rest Framework to give the specific data to the Frontends via REST. Because I have not that much time to learn a Frontend-Framework I wanted to use another Django instance to use as a Frontend, as I really like the Django Template language. This would mean one Django instance one Frontend, where there would be mainly TemplateViews. The Frontends will be served on different subdomains, while the backend exposes the API Endpoints on the top level domain.
It is not necessary to have a Single Page App. A Normal Website with mainly the normal request/response-cycle is fine.
Do you think this is a possible approach to do things? I am currently thinking about how to use the data in the frontend sites in the best way. As I am familiar with the Django template language I thought about writing a middleware that asks about the user details in every request cycle from the backend. The thought is to use a request.user as normally as possible while getting the data from the backend.
Or is ist better to ask these details via jQuery and Ajax Calls and don't use the django template language very much?
Maybe there is also a way to make different Frontends for the same database without using REST?
Or what would you think about using a database with each frontend, which changes everytime I make a change in the main database in the backend? Although I don't really like this approach due to the possibility of differences in data if I make a mistake.
Hopefully this is not to confusing for you. If there are questions I will answer them happily. Maybe I am also totally on the wrong track. Please don't hesitate to point that out, too.
I thank you very much in advance for your guiding and wish you a nice day.
as per my experience and knowledge, you are almost going towards correct direction.
my recommendation is for making backend rest api Django and django rest framework is the best option however for consuming those api you can look for the angular or react both works very well in terms of consuming API.
Thank you for your input om tripathi.
I think it really does make sense to use the modern js frameworks for consuming a REST API.
I looked a little further into my problem and found multitenancy to fit my requirements perfectly. There are also great plugins and good reads for that use case. Just for others some informations I stumbled upon:
https://djangopackages.org/grids/g/multi-tenancy/
https://www.vinta.com.br/blog/2017/multitenancy-juggling-customer-data-django/
Especially the second link gave me information about different design approaches. For myself I chose to go the way with one database for every Client and then using the site framework from django to seperate data. For the Subdomain resolving I use django-hosts.
Thank you again and have a nice day.
I'm building an app with a Django backend, Angular frontend, and a REST API using Django REST Framework for Angular to consume. When I was still working out backend stuff with a vanilla frontend, I used the provided Django authentication to handle user auth- but now that I'm creating a REST based app, I'm not sure how to approach authentication.
Since all user data will be either retrieved or submitted via the API, should API authentication be enough? If so, do I need to remove the existing Django authentication middleware?
Right now, when I try to hit API endpoints on an early version of the app, I'm directed to what looks like the normal Django login form. If I enter a valid username and password, it doesn't work- just prompts to login again. Would removing the basic Django authentication prevent this? I want to be prompted to login, however I'm not sure how to handle that with these technologies.
The package django-rest-auth seems useful, and the same group makes an Angular module- but the docs don't go much past installation and the provided endpoints. Ultimately, I think the core of this question is: how do I entirely switch authentication away from what's provided by Django to something like django-rest-auth or one of the other 3rd party packages recommended by DRF?
edit: I made this comment below, but I realized that I need to figure out how combined auth will work. I'm not building a single page app, so individual basic pages will be served from Django, but each page will hit various API endpoints to retrieve the data it needs. Is there a way to have something like django-rest-auth handle all authentication?
To anyone that stumbles onto this question, I couldn't figure out how to make the hybrid approach work. Having Django serve pages that each contained API calls seemed OK, but I never saw any requests made to the API- I believe due to some other security issues. I'm sure it's possible, but I decided to go for the single page app implementation after all to make things simpler.
I am new in Django so I have a question for start working with it. Now I am writing my apps in PHP and Yii2. In Yii, I have to separate apps (frontend and backend) with two auth mechanism. But I want go to Python with Django I know that is admin site but I dont know how to clone functionality like Yii2. I need two different pages for login users (admin and normal users) and 2 panels for them.
Should I use two difference instances of admin site or write it manually?
You don't need to have two different instances. Since the admin pages (backend) are shipped with django out of the box, you can just start building the frontend. Be sure to register your sites to the admin pages for the models you are using.
I recommend going through the great django documentation:
Django Documentation
The django-admin is pretty straightforward and works great out of the box. You are somehow limited in terms of customization though. It depends on what your goals are an how much functionality your administration needs.
More infos here.
I have a new job and a huge django project (15 apps, more than 30 loc). It's pretty hard to understand it's architecture from scratch. Are there any techniques to simplify my work in the beginning? sometimes it's even hard to understand where to find a form or a view that I need... thnx in advance.
When I come to this kind of problem I open up a notebook and answer the following:
1. Infrastructure
Server configuration, OS etc
Check out the database type (mysql, postgres, nosql)
External APIS (e.g Facebook Connect)
2. Backend
Write a simple description
Write its input/output from user (try to be thorough; which fields are required and which aren't)
Write its FK and its relation to any other apps (and why)
List down each plugin the app is using. And for what purpose. For example in rails I'd write: 'gem will_paginate - To display guestbook app results on several pages'
3. Frontend
Check out the JS framework
Check the main stylesheet files (for the template)
The main html/haml (etc) files for creating a new template based page.
When you are done doing that. I think you are much more prepared and able go deeper developing/debugging the app. Good luck.
Use this http://packages.python.org/django-extensions/graph_models.html
to generate the Relationship diagrams from the models so that you can visually see how the models are related to each other. This will give you nice idea about the app
1) Try to install the site from scratch. You will find what external apps are needed for the site to run.
2) Reverse engineer. Browse through the site and try to find out what you have to do to change something to that page. Start with the url, look up in urls.py, read the view, check the model. Are there any hints to other processes?
3) Try to write down everything you don't understand, and document the answers for future reference.
I would clone the project so you can mess up endlessly.
Then I would start to reduce the code. "What happens if if just remove this function here?
Also get django debug toolbar:
https://github.com/django-debug-toolbar/django-debug-toolbar
A good terminal debugger is also golden, there are many out there, here is an example:
https://github.com/tomchristie/django-pdb
This allow you to halt the code and even inject and mutate parameters in runtime. Just like GDB in C.
If you use FireFox you can install FireBug on it and when you for example submit ajax form you can see at which url send you request after what you can easily find controller which work with this form data. At chrome this utility embedded by default and call by F12 key.
I'm working on an intranet django project (not using GAE) for a company that uses Google Apps for login. So I'd like my users to be able to log in to my django project using their google accounts login. OpenID seems appropriate, although maybe Oauth might work too?
I see a lot of similarly named libraries out there to connect django's auth system to external login systems:
django-authopenid - http://bitbucket.org/benoitc/django-authopenid
django-openid - http://github.com/simonw/django-openid
django-openidauth - http://code.google.com/p/django-openid-auth/
django-oauth - http://bitbucket.org/david/django-oauth
Here's what I'd like to do with the integration: Have users login with their google accounts, instead of the native django system. Keep django's permissions model for things like the admin system. So I think that means automatically creating a new user record in django the first time a new account we haven't seen before logs in.
Can anyone with experience using any of these projects advise me on which would work best? Or just advice on which are most active / functional if you've tried them? Thanks!
I finally got this working, so I'll answer my own question since the previous answers here were helpful but don't tell the whole story.
django-openid-auth is actually quite easy to set up and use. The README file is very clear. If you just want to use standard google accounts (i.e. #gmail.com addresses) then you configure it in settings.py with:
OPENID_SSO_SERVER_URL = 'https://www.google.com/accounts/o8/id'
But if you want to use a "google apps" account, i.e. hosted gmail at your own company's domain, then it's more complicated. I got my details from this question. To use your google apps accounts, configure your settings.py to:
OPENID_SSO_SERVER_URL = 'https://www.google.com/accounts/o8/site-xrds?hd=example.com'
# replace example.com with your hosted google apps domain
In the future this might just work, but today it probably won't. The problem is in python-openid which django-openid-auth relies on. The standard build of python-openid doesn't understand some protocol extensions google is using. (Why does google need to extend the protocol? Dig through http://groups.google.com/group/google-federated-login-api/web/openid-discovery-for-hosted-domains and report back. Good luck.) So you need to instead use adieu's patch to python-openid, which is available here:
http://github.com/adieu/python-openid
Install this over your existing python-openid. Now it should work.
Be careful with the OPENID_USE_AS_ADMIN_LOGIN setting since it requires you to have an openid user account which is 'staff' or 'superuser' to use admin which won't happen by default. So you'll need to do a 2-step process of enabling openid, logging in with your openid to create an account in django, then using your old admin account to mark your own openid account as superuser, and then disabling non-openid admin access.
One more thing: your domain admin might need to enable openid login for your domain before this will work. The control is at http://www.google.com/a/cpanel/example.com/SetupIdp
I've used django-openid-auth. Works fine, can create user account when signing first time. You also can associate openid login with user account in django admin panel.
I know this is a late answer, but I'm doing similar stuff and I just discovered django-socialregistration. which basically does OAuth, OpenID, Facebook Connect, etc. Unlike some of the other options it seems to be actively developed and used by a lot of projects.
I liked that Django socialregistration allowed me to plug in Google Accounts, Facebook, Yahoo and any other OpenID site pretty easily. You just need to give the provider as a link like so:
<img src="{{MEDIA_URL}}/images/yahoo.png"/>
They are all almost identical. I like django-authopenid. It has great documentation and is extremely easy to use. It'll do exactly what you want and do it better than django-openid (which is the only other one I have tried).
HTH