Re: Authentication with Email

[Shawn Milochik]

Your timing is just about perfect. Django 1.5 was just released, with
a customizable user model. So use that.

[Lachlan Musicman]

On 20 March 2013 11:09, fire_water <nkl...@kent.edu> wrote:
> Hi,
>
> I am fairly new to Django and have started building a website that will
> require users to create an account with a username, email address, and
> password. Users will log in with their email address and password, not
> username.
>
> There has been a lot of discussion about this topic in the past, but I was
> wondering what the current best practice is for solving these problems:
>
> 1. User email address is required and unique
>
> 2. Must log in with email address and password
>
> 3. Add additional fields to models.user
>
> 4. Must not impact other built-in apps or third-party apps
>
> One approach is to extend models.user by way of a one-to-one relationship,
> as described in the docs. But that does not solve #1 and #2.
>
> Which approach do you recommend as a long-term solution?


Since the adjustable user model has only just been introduced, best
practice may change. But for your requirements, the docs (and 2
scoops) spell it out pretty well. I did this just yesterday, and here
are my brief notes:

1. re #3 Add additional fields to models.user, most likely best
practice will be keep auth.user small, create a profile with extras.

2. For 1 + 2, you will need to subclass AbstractBaseUser. It is not
enough to subclass AbstractUser and change USERNAME_FIELD to 'email'
since the email field in AbstractUser is neither unique=True nor
db_index=True.

3. What I did was, essentially, subclass AbstractBaseUser and copied
AbstractUser almost verbatim from django.contrib.auth.models. With a
few minor changes it works fine.

4. Remember: you will need to create a new MyUserManager as well, and
will need to add some goodly stuff to admin.py - mostly new forms -
again, a lot of this can be grabbed straight from
django.contrib.auth.admin.

The example in the docs,
https://docs.djangoproject.com/en/dev/topics/auth/customizing/#a-full-example
is a good start.

I copied from the original code because I still wanted to use the in
build groups/permissions - the doc's full example changes the
permission model.

I hope that helps
L.


--
The new creativity is pointing, not making. Likewise, in the future,
the best writers will be the best information managers.

http://www.theawl.com/2013/02/an-interview-with-avant-garde-poet-kenneth-goldsmith

[Frank Bieniek]

Hi,
take a look at http://www.django-userena.org/
customziable login and registration.

Thanks
Frank

Am 20.03.2013 01:09, schrieb fire_water:

Hi,

I am fairly new to Django and have started building a website that will require users to create an account with a username, email address, and password. Users will log in with their email address and password, not username.

There has been a lot of discussion about this topic in the past, but I was wondering what the current best practice is for solving these problems:

1. User email address is required and unique

2. Must log in with email address and password

3. Add additional fields to models.user

4. Must not impact other built-in apps or third-party apps

One approach is to extend models.user by way of a one-to-one relationship, as described in the docs. But that does not solve #1 and #2.

Which approach do you recommend as a long-term solution?

Thanks!
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To post to this group, send email to django...@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.