--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CALUzFO1GyhQct422sU6WDRC3ksYf-qg8qgtR%2BwXGOwrjWDn2_A%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAP3eejy%3DHWk82qHU5uNaWAYDTRC1-N1A9fUVkc%2B_avj5FmUYQA%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CALUzFO2RUz_smUPtoCfE_TQq-qK2L_b_ebbX1Y2L234LmiFj_Q%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CALUzFO2RUz_smUPtoCfE_TQq-qK2L_b_ebbX1Y2L234LmiFj_Q%40mail.gmail.com.
It is generally not recommended to authenticate auto-generated users directly from inspect_db
without proper user model fields and permissions. Here's why:
Security Concerns:
Maintainability Issues:
inspect_db
creates a tight coupling between your authentication logic and the specific database schema. This makes it difficult to modify the user model or switch databases in the future.Here are some alternative approaches to consider:
Migrate User Model Fields:
AbstractBaseUser
and PermissionsMixin
. This ensures proper authentication and authorization mechanisms.Custom User Model:
AbstractBaseUser
and includes any additional fields you need. This provides a more secure and maintainable approach.Alternative Authentication Methods:
While it might be technically possible to authenticate through inspect_db
, it's strongly advised against it due to the security and maintainability drawbacks. Consider the alternative approaches mentioned above for a more secure and robust solution.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAJkiqy79rnh9aDo7TLj29HN3XjMjfTb%3Dwh20CBOzUrhegb%3D8Tg%40mail.gmail.com.