[Django] #24874: Why does "AbstractBaseUser" contain "password" and "last_login" fields?

7 views
Skip to first unread message

Django

unread,
May 29, 2015, 9:30:46 AM5/29/15
to django-...@googlegroups.com
#24874: Why does "AbstractBaseUser" contain "password" and "last_login" fields?
--------------------------------------+--------------------
Reporter: christopherdcunha | Owner: nobody
Type: Cleanup/optimization | Status: new
Component: contrib.auth | Version: 1.8
Severity: Normal | Keywords:
Triage Stage: Unreviewed | Has patch: 0
Easy pickings: 1 | UI/UX: 0
--------------------------------------+--------------------
Why does "AbstractBaseUser" contain "password" and "last_login" fields?

The
[https://github.com/django/django/blob/master/django/contrib/auth/base_user.py#L1-L4
module docstring] and the
[https://docs.djangoproject.com/en/1.8/topics/auth/customizing
/#specifying-custom-user-model documentation] suggest that
AbstractBaseUser should be inherited when creating custom user models. Why
are these attributes expected to be common to all custom user models?

My immediate use case is that I want a custom user model for a delegated
auth setup (Opend ID Connect in my case), so I don't have any passwords
and last_login per se. At the same time, I'd like to use a "Django
supported" base user model to know that I support the exact API that the
User model needs. The only way I can see to do this is to re-implement
AbstractBaseUser without these fields.

--
Ticket URL: <https://code.djangoproject.com/ticket/24874>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

Django

unread,
May 29, 2015, 10:12:05 AM5/29/15
to django-...@googlegroups.com
#24874: Why does "AbstractBaseUser" contain "password" and "last_login" fields?
-------------------------------------+-------------------------------------
Reporter: christopherdcunha | Owner: nobody
Type: | Status: closed
Cleanup/optimization |
Component: contrib.auth | Version: 1.8
Severity: Normal | Resolution: invalid
Keywords: | Triage Stage:
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0

Easy pickings: 1 | UI/UX: 0
-------------------------------------+-------------------------------------
Changes (by timgraham):

* status: new => closed
* needs_better_patch: => 0
* resolution: => invalid
* needs_tests: => 0
* needs_docs: => 0


Comment:

As documented, "AbstractBaseUser provides the core implementation of a
User model, including hashed passwords and tokenized password resets."
(`last_login` is used for password reset).

I don't think the ticket tracker is the best place for queries like this
(unless you can frame it as a documentation issue that needs clarification
or as some other actionable item). Please see
TicketClosingReasons/UseSupportChannels for other places to get help.
Thanks!

--
Ticket URL: <https://code.djangoproject.com/ticket/24874#comment:1>

Reply all
Reply to author
Forward
0 new messages