Different user types - the best method
18 views
Skip to first unread message
majvan
Oct 15, 2017, 10:06:06 AM10/15/17
to Django users
Hello,
Thanks,
jv
in my application I wanted different user types each having different authentication method.
I think to create authentication backend for each User model is possible.
The difficult part here is to create different user models. AFAIK, all the user classes have to be derived from AbstractBaseUser or its child. So I added this to the settings:
I think to create authentication backend for each User model is possible.
The difficult part here is to create different user models. AFAIK, all the user classes have to be derived from AbstractBaseUser or its child. So I added this to the settings:
AUTH_USER_MODEL = 'myauth.AuthBaseUser'So I wanted to create some AuthBaseUser class in my application which will contain all the common fields for different user types, but it will not represent any particular type of user.
The user types I have:
The user types I have:
- Normal user (UUID, email, name, address, password)
- Remote application (UUID, name, generated random secret)
- (other type of remote application with different fields)
The authentication for the Normal user would be with webpage email + password The authentication for the Remote application would be with UUID + random secret with JSON to ask for the temporary token.
I tried to abstract the AuthBaseUser:
I tried to abstract the AuthBaseUser:
class AuthBaseUser(AbstractBaseUser, PermissionsMixin):
pk = models.UUIDField(primary_key=True, unique=True, default=uuid.uuid4, editable=False,)
name = models.CharField(_('name'), max_length=128, blank=False)
typ = models.CharField(max_length=16, choices=USER_TYPES, default='normaluser',)
date_joined = models.DateTimeField(_('date joined'), auto_now_add=True, default=timezone.now)
last_login = models.DateTimeField(_('last login'), auto_now_add=True)
is_active = models.BooleanField(_('active'), default=True)
#NOTE: no password field here
Then I wanted to create a RemoteAppUser and NormalUser with 1:1 mapping like this:
class NormalUser(AuthBaseUser):
user = models.OneToOneField(AuthBaseUser, on_delete=models.CASCADE)
email = models.EmailField(_('email address'), unique=True)
is_superuser = models.BooleanField(_('superuser'), default=True)
#password = #not decided yet what to add here; for remote app we will have 256b of SHA256's random generated value
EMAIL_FIELD = 'email'
REQUIRED_FIELDS = AuthBaseUser.REQUIRED_FIELDS.append(['email', 'password', ])
objects = NormalUserManager()
def __init__(self, *args, **kwargs):
super(AuthBaseUser, self).__init__(*args, **kwargs)
def __str__(self):
return self.get_username()
def get_full_name(self):
return self.get_username()
def get_short_name(self):
return self.get_username()Is there any recommended way to handle such different users? Note that for example I would like store the RemoteApp's secret as SHA256, but I do not need to run the permutations several times with seed etc.
Thanks,
jv
Jason
Oct 16, 2017, 9:33:09 AM10/16/17
to Django users
There was a session at this year's djangocon about this very topic. You can see it on youtube at https://youtu.be/uLPZYuj7yTg
Reply all
Reply to author
Forward
0 new messages