Disable Auth on Django Application.

72 views
Skip to first unread message

Arun S

unread,
Nov 14, 2017, 12:57:26 AM11/14/17
to Django users

Hi,



I have two different Django Applications.

Both the applications have there respective Auth.


Applications are hosted on different servers.

Now the use case is such that:


There is a redirection link that can be provided from Application 1.

Now i would want to disable auth on Application 2 when the link has been traversed from application 1 which already has a Single Sign on.


To be noted, Each application can be access individually so i cannot disable auth on application2.


How can this be achieved where Application 1 has a single sign on and when a link from application 1 is clicked,

it gets redirected to application 2 but should not authentication that particular request as the request is from Application 1.



Thank you.

Arun.

Jani Tiainen

unread,
Nov 14, 2017, 2:28:43 AM11/14/17
to django...@googlegroups.com

Hi,

We're using JSON Web Token for similar SSO. Works well and is secure.

So when link is clicked link will contain JWT payload signed with pre-shared key (works with asymmetric certs if you want to go that way). Then we have custom authentication backend and view which logs user in (and creates local account if needed) and creates standard Django session so rest of the session Django standard auth mechanisms are used.
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To post to this group, send email to django...@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/f545da68-40ce-4c1d-b76c-68e5a3890255%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

-- 
Jani Tiainen

Arun S

unread,
Nov 15, 2017, 10:10:47 PM11/15/17
to Django users
Hi,

Is there any other way out using the default django AUTH itself.


When you say, custom authentication backend, you mean the models are completely different and do not use the django Auth mechanism or it just updates the customer DB?

---
Arun.

Amitesh Sahay

unread,
Nov 15, 2017, 10:45:55 PM11/15/17
to Django users, Arun S
Hello Arun, 

In that case, you may just need to import "User" model in model.py as below

from django.db import models
from django.contrib.auth.models import User

class Registration(models.Model):
    user = models.OneToOneField(User, on_delete=models.CASCADE)

That's it, and then you need to mention the fields like "username", "password", "email" in forms.py..whichever you want to get displayed on your web page.

and then all the redirects ,renders go in view.py.

I hope that helps
    


Regards,
Amitesh Sahay

primary :: 91-907 529 6235



--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To post to this group, send email to django...@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
Reply all
Reply to author
Forward
0 new messages