django.contrib.sites and same user logging in with email to different SITE_IDs...

32 views

Skip to first unread message

Roberto Maurizzi

unread,

Jan 8, 2018, 3:38:29 AM1/8/18

to django-allauth

Hello all,

I'm trying to integrate django-allauth for a deployment in which we're trying to have:

- a main website where site admins, maintainters and operators can log in, check for available work and get assigned to work for/help some customer in one of the "serviced" websites

- many different service websites dedicated to different topics or purposes where 'real' users will have to sign up using their emails

I'm using Django's Sites framework, and I've already added a "site" field to my custom user model and extended the authentication backend class so that on authenticate and get_user it'll check for the user's site and behave as it should if the user isn't registered for the site they're trying to log in to (allowing superusers to log in to any website)

In this scenario I need to allow the same user to register and use any or all different websites in the system: this means that I need to allow *the same email* multiple times in the system, and that I should check if the fields email and site are unique_together.

Right now all the checks on AuthenticationMethod want to ensure that the proper conditions are met for the existing valid parameters EMAIL, USERNAME or USERNAME_EMAIL, so of course if I remove the requirement for unique emails, I get an AssertionError: I need to implement a way to verify that users are unique taking into account my User.site field.

I'm willing to try to implement this feature, but I've never worked on allauth before, so I'm wondering exactly of to approach this.

First of all, there are at least 2 options: add one (or more) values to AuthenticationMethod and fix all the existing checks and usages (while adding code specific to handling the EMAIL_SITE scenario).

However, it might be better to add an additional configuration option, say a AUTHENTICATION_MULTISITE, then check the possible combinations (since the approach should work just as well for any combination of USERNAME, EMAIL or USERNAME_EMAIL authentication, simply changing the uniqueness check on the login attribute(s) to a uniqueness check on the combined login attribute(s) and the site FK.

What would somebody more familiar with the codebase recommend?

P.S.

I did some searching on Google and in the mailing list, but I didn't find much about using Sites together with allauth, especially nothing about solving this "multiple login with the same email" issue. Sorry if I missed something.