Enhanced auth.User

77 views
Skip to first unread message

Rohan Jain

unread,
Mar 22, 2011, 4:32:42 PM3/22/11
to django-d...@googlegroups.com
These are some auth settings and models I propose to account for the generally
raised questions for auth.User flexibility.

Settings: 

 - AUTH_USER_EMAIL_UNIQUE  
   If the email should be unique for users. It is a rare case when a website
   would have users sharing emails. It is more likely other way round that a user
   has multiple emails.

 - AUTH_USERNAME_MIN_LENGTH/AUTH_USERNAME_MAX_LENGTH  
   Min and max lengths of the username field. 

 - AUTH_USE_OLD_USER_MODLE  
   If the old style (fn-ln based) user model should be used. Maybe a deprication
   warning can be provided when this is set to True.

Models: 

 - BaseUser Model ~ Current User Model, abstract  
   There will be a base model with all the same fields as current user model but
   not the first_name and last_name fields. 

 - UNIQUE_EMAIL = getattr(settings,'AUTH_USER_EMAIL_UNIQUE', False)  
   email = EmailField(blank=not UNIQUE_EMAIL, unique=UNIQUE_EMAIL)  
   email column unique/no unique according to AUTH_USER_EMAIL_UNIQUE setting. 

 - A method can be defined which could generate random username while registering
   if required, like in case of logging in with email, openid, oauth etc. 
   
 - Provision for authentication through email id can easily be provided if
   UNIQUE_EMAIL is set. 
 
 - EnhancedUser, abstract  
   Inherits from BaseUser.  
   Have a field `name` instead of old `first_name`, `last_name`. A single field 
   for name is preferable as it would be more comfortable to users and would also 
   take care of case when the User model doesn't represents an individual but may 
   be a team, an organization etc.  
   Also a text field `description/about` could be provided as it is generally 
   present in basic user profiles everywhere. This would prevent necessity to use 
   a separate Profile model.  
   These fields would result in some minor changes in places like auth.models and
   auth.admin. The first_name and last_name fields are generally accessed through
   get_full_name method which could be redefined to return `name`.

 - OldUser, abstract  
   This with BaseUser will generate the current User model with `first_name`,
   `last_name` fields and the get_full_name method. In case of an old project, with
   large database, upgrading to newer django versions.

 - User  
   This would inherit from EnhancedUser or OldUser according to the AUTH_USE_OLD_USER_MODLE
   setting and will be the model exposed to other apps, hence there should not be
   any compatibility issues.

Now as far as old projects upgradation to new User model is concerned, that
could be done with the help of application 'south'. A migration scripts can be
written:

 1. Create a column `name`. 
 2. Create datamigration script to copy `first_name` + `last_name` to `name`. 
 3. Drop `first_name` and `last_name` column. 


About Me:  
I am a 3rd year Engineering undergraduate student from the Department of
Agricultural and Food Engineering, Indian Institue of Technology, Kharagpur. I
have been using django for a year now and recently started working with the SVN
version, hacking the codes of contrib apps and trying to learn the best
practices.  

Russell Keith-Magee

unread,
Mar 22, 2011, 7:40:36 PM3/22/11
to django-d...@googlegroups.com
On Wed, Mar 23, 2011 at 4:32 AM, Rohan Jain <rohanj...@gmail.com> wrote:
> These are some auth settings and models I propose to account for the
> generally
> raised questions for auth.User flexibility.

Two quick points:

Firstly -- the fact that you've given some biographical detail at the
bottom, and that this biographical detail says your a student,
suggests that this is a GSoC proposal? Is this the case? If so --
that's a pretty big detail to omit. Django-developers is a general
list for discussing the development of Django; if you're proposing a
GSoC project, you need say so.

Secondly -- This is a reason that this project is listed as a high
complexity project on the GSoC wiki page. It's deceptively difficult,
and there's *lots* of prior art. A proposal that starts with
introducing 3 new settings, and finishes with the phrase "create a
datamigration script" is essentially a non-starter for reasons that
are well documented historically.

If you're interested in this project, I *strongly* suggest that you
spend a couple of days familiarizing yourself with the historical
discussions about the idea. There was a lengthy discussion around last
year's GSoC; a student was proposing work on this project, but
ultimately backed out because of the complexities involved. At the
very least, it should give an indication of what will and won't be
accepted.

Yours,
Russ Magee %-)

Gabriel Hurley

unread,
Mar 22, 2011, 8:05:54 PM3/22/11
to django-d...@googlegroups.com
I would further add that the goal of any refactor in this area is not to add a wishlist of enhancements to the existing User model (though that may happen in tandem), but to truly make the framework extensible/agnostic in a way which it currently is not.

All the best,

    - Gabriel

crodjer

unread,
Mar 22, 2011, 10:21:22 PM3/22/11
to django-d...@googlegroups.com, Russell Keith-Magee
On Wednesday, March 23, 2011 5:10:36 AM UTC+5:30, Russell Keith-Magee wrote:
On Wed, Mar 23, 2011 at 4:32 AM, Rohan Jain <rohanj...@gmail.com> wrote:
> These are some auth settings and models I propose to account for the
> generally
> raised questions for auth.User flexibility.

Two quick points:

Firstly -- the fact that you've given some biographical detail at the
bottom, and that this biographical detail says your a student,
suggests that this is a GSoC proposal? Is this the case? If so --
that's a pretty big detail to omit. Django-developers is a general
list for discussing the development of Django; if you're proposing a
GSoC project, you need say so.

This was not a gsoc proposal, I added my biographical details as 
an introduction as this was one of my first post on the group. The 
changes I suggested have been on my mind for some time, so I thought
of posting it. Auth user model modifications, Dynamic site ID are some 
discussions which have been highly requested and discussed. So I am 
aware that one cannot just write a few modifications and fix it for all.  

Russell Keith-Magee

unread,
Mar 22, 2011, 11:33:04 PM3/22/11
to django-d...@googlegroups.com
On Wed, Mar 23, 2011 at 10:21 AM, crodjer <rohanj...@gmail.com> wrote:
> On Wednesday, March 23, 2011 5:10:36 AM UTC+5:30, Russell Keith-Magee wrote:
>>
>> On Wed, Mar 23, 2011 at 4:32 AM, Rohan Jain <rohanj...@gmail.com> wrote:
>> > These are some auth settings and models I propose to account for the
>> > generally
>> > raised questions for auth.User flexibility.
>>
>> Two quick points:
>>
>> Firstly -- the fact that you've given some biographical detail at the
>> bottom, and that this biographical detail says your a student,
>> suggests that this is a GSoC proposal? Is this the case? If so --
>> that's a pretty big detail to omit. Django-developers is a general
>> list for discussing the development of Django; if you're proposing a
>> GSoC project, you need say so.
>
> This was not a gsoc proposal, I added my biographical details as
> an introduction as this was one of my first post on the group. The
> changes I suggested have been on my mind for some time, so I thought
> of posting it. Auth user model modifications, Dynamic site ID are some
> discussions which have been highly requested and discussed. So I am
> aware that one cannot just write a few modifications and fix it for all.

Understood - in which case, scratch my first comment.

However, my second point stands. This proposal doesn't reference any
of the prior discussion related to this topic, or address any of the
issues that those prior discussions have raised. In the case of
suggesting migrations, it specifically violates a design consideration
that has been repeatedly stated in the past.

I agree that this is definitely a pain point that many people have
with Django, and it is something that I'm hoping to look at in the 1.4
development cycle. If you want to help out, I suggest you familiarize
yourself with the historical discussion.

Yours,
Russ Magee %-)

Reply all
Reply to author
Forward
0 new messages