Authenticating from a mysql database

[Uwe Schuerkamp]

Hi folks,

I'm in the process of migrating (or re-designing for that matter) a
Zope-based user database /ranking system over to Django with roughly
30,000 accounts in it. The Zope instance uses SimpleUserFolder for
authentication, so I was wondering if there is a way to authenticate
django users from within the existing mysql database.

Would it be possible to extract roles information from the user table
as well?

Thanks in advance for any ideas,

Uwe

[Jonas Geiregat]

Hello,

I've never worked with Zope so SompleUserFolder doesn't ring a bell.
I'm assuming it's a database table name.

You can always extend the default user's profile.

This is done by creating a class , most people use UserProfile

class UserProfile(models.Model):
user = models.ForeignKey(User, unique=True, related_name='profile')
#your fields that point to your SimpleUserFolder

Then add the following to your settings.py file to let django use your class

AUTH_PROFILE_MODULE = 'accounts.UserProfile' # assuming you have created a accounts application

> --
> You received this message because you are subscribed to the Google Groups "Django users" group.
> To post to this group, send email to django...@googlegroups.com.
> To unsubscribe from this group, send email to django-users...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
>

Jonas Geiregat
jo...@geiregat.org

[Uwe Schuerkamp]

Thanks much for your reply Jonas, I'll give it a try later.

SimpleUserFolder is a Zope "Product" that allows for authentication
via other mechanisms than Zope's built-in user management. I'm sure
there is a way to bend Django around the database tables in some way,
but as i've never tried that before I thought it a good idea to ask
the experts first.

The database table is called "users" and has, among others, the
following columns:

mysql> desc users;
+---------------------+--------------------------------+------+-----
+-------------------+----------------+
| Field | Type | Null | Key |
Default | Extra |
+---------------------+--------------------------------+------+-----
+-------------------+----------------+
| user_id | int(11) | NO | PRI |
NULL | auto_increment |
| login | varchar(16) | NO | UNI
| | |
| name | varchar(80) | NO | MUL
| | |
| password | varchar(16) | YES | |
NULL | |
| role | set('Manager','User','Driver') | YES | MUL |
Driver | |

The password is encrypted using mysql's password() function, but I
guess that would not pose too much of a problem, right?

All the best, Uwe

[Jonas Geiregat]

Defining your specific user profile as described in my previous post would work. It might need some work arounds and
additional methods to get it working.

If possible I think migrating the database table (the login , name and password fields only) you presented to the database your django project database is using, seems more elegant.
There would be no need for writing extra code to get this working.
The only code extra would be , again, a user profile. For storing the role column.

For more information about user profiling and django , take a look at:

open http://docs.djangoproject.com/en/dev/topics/auth/#auth-profiles

[Uwe Schuerkamp]

Hello Jonas,

thanks again for your reply. I think migrating the database over to
django may be a good idea, however it's still being used as a legacy
authentication database for other projects.

In case I'd decide to migrate the existing users over to the new
database, how could I make sure the passwords end up in django
correctly? All I have is the old_password()-crypted user passwords,
can I simply insert those as values into the auth_user db field?

All the best, Uwe

[Jonas Geiregat]

That might be one of the bigger things to overcome.

In order to succeed you must find out how django stores passwords and how your current passwords are stored.
That way you can start converting , probably by writing some python conversion script.
You can find out more on how django stores it's passwords here http://docs.djangoproject.com/en/dev/topics/auth/#passwords

For the Zope part you're on you're own, I've never looked at it in my life.

>
> All the best, Uwe

>
> --
> You received this message because you are subscribed to the Google Groups "Django users" group.
> To post to this group, send email to django...@googlegroups.com.
> To unsubscribe from this group, send email to django-users...@googlegroups.com.

[Uwe Schuerkamp]

On 24 Mai, 00:17, Jonas Geiregat <jo...@geiregat.org> wrote:

> > In case I'd decide to migrate the existing users over to the new
> > database, how could I make sure the passwords end up in django
> > correctly? All I have is the old_password()-crypted user passwords,
> > can I simply insert those as values into the auth_user db field?
>
> That might be one of the bigger things to overcome.
>
> In order to succeed you must find out how django stores passwords and how your current passwords are stored.
> That way you can start converting , probably by writing some python conversion script.
> You can find out more on how django stores it's passwords herehttp://docs.djangoproject.com/en/dev/topics/auth/#passwords

I think I may have found a solution by simply comparing the password
the user enters to the result of the old_password() function in mysql,
and if that matches I can store the password in the auth_user table
using the set_password() call which will convert the hash to "modern"
django standards.

Once I call save() on the new user object, the user should be found in
django's auth_user table from then on, correct? I've already managed
to connect to the old database using django's multiple dababase
feature and some raw() sql queries on the old user table.



All the best, Uwe