Creating an user/password management app

[Peter Steinmetz]

Hi,

given an existing SQL DB which stores user credentials. This DB is
used as an authentication backend by a mail server.
Now I'd like to create a web frontend to manage the credentials in
this existing DB. I. e. users should be able to login using the
credentials in this DB and should be able to change the password for
the account they are logged in with.
The Django documentation suggests to copy the credentials from the
legacy DB to the Django-style user DB beforehand or on the fly. But I
don't think this is the way to go for me, since changes to the
password etc. must be reflected in the legacy DB.
Is there an easy/obvious way to achieve this?

Peter

[Russell Keith-Magee]

I don't know if I'd call it easy or obvious, but it should be
possible, at least in some form.

* You can wrap the legacy database with a Django model definition.
Look into the `inspectdb` management command for a head start on this.
This will give you a Django model file that can be used to interact
with your legacy database table directly.

* You can write a custom authentication backend that will integrate
your legacy database table with Django's authentication system,
allowing users to log in using their legacy credentials. There is some
documentation on this, but the best reference will probably be the
existing code (django.contrib.auth.backends)

However, the big catch -- Django's concept of a "User" isn't
especially easy to customise. This means that won't be trivial
(possible, but not trivial, and certainly not documented) to use your
legacy table as a substitute for Django's internal User table. This
means that you won't be able to use any existing applications out
there that have a foreign key on Django's User - most notably,
Django's admin interface.

Depending on your exact needs, one easy workaround for this may be to
have 2 user tables: the legacy user table, and an 'administrators'
user table. The legacy users will still be able to log in, but won't
have access Django's admin. The admin Users table is Django's own User
table, and users with accounts on this table will have access to the
Django admin, including the ability to view/edit the legacy User
table.

Yours,
Russ Magee %-)

[Peter Steinmetz]

Am Sonntag, 13. Mai 2012 23:17:15 UTC schrieb Russell Keith-Magee:

 

However, the big catch -- Django's concept of a  "User" isn't
especially easy to customise. This means that won't be trivial
(possible, but not trivial, and certainly not documented) to use your
legacy table as a substitute for Django's internal User table. This
means that you won't be able to use any existing applications out
there that have a foreign key on Django's User - most notably,
Django's admin interface.

Depending on your exact needs, one easy workaround for this may be to
have 2 user tables: the legacy user table, and an 'administrators'
user table. The legacy users will still be able to log in, but won't
have access Django's admin. The admin Users table is Django's own User
table, and users with accounts on this table will have access to the
Django admin, including the ability to view/edit the legacy User
table.

 
Thanks for your answer, Russ.
It seems, in this particualar case, there would be more fighting against Django than profiting from the things it offers. I think I'll implement the user management app some other way and look for something to make my first Django app where Django will really help me get things done.

Thanks,
Peter