I have a django project with two apps (app and authenticate) that I got from a template. I developped my "app" app and it works fine. Now I want to add logins to limit access to certain pages of the app.
I looked accross the Internet and they use
user = User.objects.create_user('myusername', 'myemail#crazymail.com', 'mypassword')
to create a user. I tried that (and tried logging in with the username and password but it doesn't work. I probably put the code in a wrong area (I put it in authentication/models.py). I would really like this to work but I can't seem to figure out why the user isn't created.
there is no method create_user(). You must write User.objects.create('myusername', 'myemail#crazymail.com', 'mypassword')
Related
I am trying to get multiple sites to use the same database and code but in a way which forces each user to have their own login to each site.
I have seen a few suggestions as to how to make this work but I'm not sure which way to go.
I am using the Sites Framework, using the subdomain to identify the current site so I'm not using SITE_ID at all.
Use the sites framework - This answer (https://stackoverflow.com/a/1405902/1180442) suggests using the sites framework to do it, but I'm having trouble with the get_user() method, as it doesn't have access to the request and that's where my site info is stored.
Use separate databases for users - I'm really not sure about this one but I think it might cause bigger problems down the line.
Change to using SITE_ID - I want to try and avoid this if possible as it will mean having to run many different instances of my app, one for each site, which uses it's own settings.py. This will quickly turn into a nightmare, I think.
Permissions - I'm wondering if this should be something that I get the permissions framework to use? So one set of users for all sites but each user can have permissions to see each site, as long as they've registered with that site?
Can anyone help with this?
I quite like the idea of number 1 but I just need to get the request in the get_user() method so I can do this
def get_user(self, user_id):
try:
# I can't do this because there is no request available here
return User.objects.get(pk=user_id, site=request.site)
except User.DoesNotExist:
return None
to prevent people logged in to one site being able to log into another using the same session.
How I actually do it, not for users but for common databases, Is to design a main, hidden app with a REST API architecture. My other apps, naturally have their own DB and exchange their data via batch or stream process depending on the need. I use django-rest-framework.
For your case what I would do is that whenever a user makes a Log In request I would send it via HTTPS to my main database and get it authenticated in my main app. Whenever I would need to validate the user status I would simply make a get request to the main app.
This architecture is not that different from the one that many mobile apps have.
I hope it helps.
My english is not perfect thus the title is confusing. I don't know how to really put what i want to say. Anyway, I have a django 1.11 application that is running well. Wrote admin.py for some apps and a bunch of admin forms overridden. But client said he wants a different way of doing things (instead of admin carrying out the task, everyone registered on the app can). I already have a dashboard for those users and he wants the admin forms to be in that dashboard as opposed to the /admin default dashboard.
I failed to find such a thing in the documentation, I think. But basically, I want some forms to be avalibale, as they are, in the client dashboard? Is that possible?
I have built my first Django App! It is built to help my business track inventory. As such, I would not like it to be publicly available.
Maybe someday I will set up multiple user accounts, etc, but for now I really just need a basic password gate to get it up and running.
Does anyone have any middleware that works for this? All the solutions that I am finding are pretty old and they do not seem to work with the latest version of Django.
If you just need a single username/password couple, handling it directly via HTTP authentication in your webserver configuration will be the easiest way to achieve this. The benefits of this approach are:
You can set it up in 5 minutes: example with nginx, example with apache
You don't have to write code you'll delete later
It will protect all your website, including static files, third-party apps, admin, etc.
I found an answer that worked for me posted here:
#login_required for multiple views
Make sure the LOGIN_REQUIRED_URLS_EXCEPTIONS path is correctly set to your login page.
Just starting to learn django, and I wanted to incorporate the allauth app.
Been trying to figure this out all day and haven't found the answer in other questions.
Anytime I try to add one of the social logins, I can't even get a login screen and django complains:
get_login_url() keywords must be strings
when it tries to render the provider list. (I copied over base, index, and profile from the example that came with allauth)
I've read that before I use one of the logins, I need to add the social app in the admin interface. So in the admin interface, I want to try one of the simpler ones, so i chose OpenId. Since I don't have a facebook app id or anything yet, I figured with OpenId, I wouldn't need that.
I'm getting hung up on what to use for the Key and Secret to register the social app. I'm new to this stuff, but I thought that was more for OAuth. But if I don't include it, it flags the fields as red and demands them. Where do I find/generate a Key/Secret?
Also, to use OpenId, am I supposed to specify a site like Google or Yahoo, or is there just an "OpenId" site?
I'm still using manage.py runserver, if that makes any difference. But I thought I would still be able to get the page to "render."
What version of Python are you running? If you are using an old 2.6 version, then you may be running into the issue described here:
http://cuu508.wordpress.com/2011/01/27/keywords-must-be-strings/
Please let me know if that pinpoints your problem. If so, I'll check if I can make allauth play nice with your version...
Update: haven't had the time to test this myself yet, could you give this change a try?:
--- a/allauth/socialaccount/templatetags/socialaccount.py
+++ b/allauth/socialaccount/templatetags/socialaccount.py
## -13,7 +13,7 ## class ProviderLoginURLNode(template.Node):
def render(self, context):
provider_id = self.provider_id_var.resolve(context)
provider = providers.registry.by_id(provider_id)
- query = dict([(name, var.resolve(context)) for name, var
+ query = dict([(str(name), var.resolve(context)) for name, var
in self.params.iteritems()])
request = context['request']
if not query.has_key('next'):
I'm working on a Django web app and want to restrict signup to my site. For thatI want to use invite only app..I could find a couple of app built on the top of Django registration but I'm using Django Auth . Is there any app which I can use with Django app to get the same functionality.
General idea:
First, you can check out the code I have written which works fine for me.
Take a look at the example include in the application, you will learn
how to write your own pipeline. this pipeline can be redirected to any
view you would like.
from there you can save a invitation_key in your sessions and if that
key is valid, you can continue with create_user built in pipeline.
I have used this application for invitations that produces and validates invitation keys.
Implementation
It took me quite a day to figure it out.
This is a invite app built on allauth which restricts signup to invite only:
https://pypi.python.org/pypi/django-invitations/0.12