--
You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-develop...@googlegroups.com.
To post to this group, send email to django-d...@googlegroups.com.
Visit this group at https://groups.google.com/group/django-developers.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/2ec07906-8a2a-4b63-a850-99e8fef95b5a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/CAFO84S5ki%3DtuPCZyXf2e_%2Bq%3D7V8Q1a6RX3EJycx51BodwnJZBA%40mail.gmail.com.
Hello, this my first message... hi for everybodyI think it could be a micro-service... you would not touch what is there, which is a huge advantage regarding compatibility. We could start to monolith django and I think with this Auth history it would be a good opportunity. Abstraction for django-monolith with base conversation and then the Auth micro-service... and we open the community can create/improve other potential micro-serviceAnyway... I would be happy to help.Best regardsJeff Notaro
Am 10.04.2019 22:59 schrieb Collin Anderson <cmawe...@gmail.com>:
Email + password auth is definitely a wanted feature out-of the box, and probably a good first step would be to create a separate AbstractEmailUser or something like that. Seems to me AbstractUser shouldn't be changed for backwards compatibility reasons, but maybe something like a BaseAbstractUser would be helpful?And here's a past discussion and ticket (from 5 years ago):Also related: UserCreationForm by default allows usernames that differ only by case
On Wed, Apr 10, 2019 at 7:12 AM Barnaby <antoni...@gmail.com> wrote:
--If we go to the most common use case, email + password is the current "default" of the web, rather than username + password. It would make sense for Django to use email + password by default.It also feels like first_name and last_name have no place in AbstractUser and should me moved to NamedAbstractUser or something.
So we'd remove username, first_name and last_name by default.Regarding other means of authentication, I don't know if Django should support any out-of-the-box. Magic Links could be a decent default but they do raise security issues and require email setup.
You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-d...@googlegroups.com.
To post to this group, send email to django-d...@googlegroups.com.
Visit this group at https://groups.google.com/group/django-developers.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/2ec07906-8a2a-4b63-a850-99e8fef95b5a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-d...@googlegroups.com.
To unsubscribe from this group and stop receiving emails from it, send an email to django-develop...@googlegroups.com.
To post to this group, send email to django-d...@googlegroups.com.
Visit this group at https://groups.google.com/group/django-developers.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/1bbc83d2-552d-444d-8165-1341b76328c2%40googlegroups.com.
@Florian, since I had so many PRs pending review, I had to find other ways to cause chaos ;)
I would suggest as a first step to separate the field names from the object methods. Thanks to multi inheritance in Python this should be an easy enough task.
I will look into it a bit and propose something as a base for discussion.
--
You received this message because you are subscribed to a topic in the Google Groups "Django developers (Contributions to Django itself)" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/django-developers/d92P2V0YrbI/unsubscribe.
To unsubscribe from this group and all its topics, send an email to django-develop...@googlegroups.com.
To post to this group, send email to django-d...@googlegroups.com.
Visit this group at https://groups.google.com/group/django-developers.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/f91b347e-7fc9-f559-c5d4-e2c1124aadfd%40fleschenberg.net.
I went with the hardest possible way, NO password, NO username. Just one time passwords send via email or SMS. Similar to Django’s password reset function.
I published my work just now, https://django-mail-auth.rtfd.io. I would recommend to have a look at the custom EmailUser that I built. There are a couple of functions and fields that need to be overridden. BUT to my surprise even the management command “createsuperuser” worked.
You could have reused https://github.com/aaugustin/django-sesame for the signing stuff :)
IMHO Django should provide a secure and simple (for developers) out of the box solution.
"Django - The web framework for perfectionists with deadlines."
--
You received this message because you are subscribed to a topic in the Google Groups "Django developers (Contributions to Django itself)" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/django-developers/d92P2V0YrbI/unsubscribe.
To unsubscribe from this group and all its topics, send an email to django-develop...@googlegroups.com.
To post to this group, send email to django-d...@googlegroups.com.
Visit this group at https://groups.google.com/group/django-developers.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/99cf381b-3c5e-4560-97c7-9b9e160a5500%40googlegroups.com.