I have added Google authentication for my Django web application using allauth package. I want to access the extra data(shown in field 4(Extra data) of social account users
I have tried this but, I do not import SocialAccount(I dont know to which module does it belongs to).
data=SocialAccount.objects.get(user=request.user).extra_data
Please let me know which module should I import to use SocialAccount or tell me other way how can I access extra data.
Use it like this:
from allauth.socialaccount.models import SocialAccount
Now, use the SocialAccount model like any other Django model
SocialAccount.objects.all()
Related
I am new, first question..
I have configured django-allauth on a django project. It is working fine front end.
When I access the Django-admin interface with the superuser, I can access all sorts of things that django-allauth as added like :
-accounts
-social accounts
-sites
I cannot access to the normal user data, the one which is in a table called 'campfire-users' in the db (campfire being the name of the application).
Normally it appears in a group called 'authentication and authorisation" where you find 'groups' and 'users'.
I have also noticed that the name of the top level app which normally appears in the top left of the admin interface is not appearing : 'application_name ADMIN' becomes ADMIN.
Any clue ?
the admin interface
I finally get the answer :
Having created a custom User class, I did not register it into 'admin.py'.
I had to edit 'admin.py' and add this :
from django.contrib import admin
from .models import User
admin.site.register(User)
Then the users appeared on admin interface. Still one pointto solve : why the name of the application is not appearing?
I want to use Django only with admin backend without any apps. So actually all I want to do is to use the admin backend to CRUD my database. Now apparently the admin backend does not have a models.py and no views.py.
Do I really need the models.py from an app, or can I easily use only the admin backend to CRUD my database. How would I do this, add a models.py to the admin backend?
First of all, if you want to CRUD something, you will need a model so you can interact with your database (SQLite, Postgres, etc).
However, a model belongs to an app, once this is the core of Django. So, take a look at https://docs.djangoproject.com/en/2.2/topics/db/models/ where you can read more about that.
If you need a tutorial, take a look at https://docs.djangoproject.com/en/2.1/intro/tutorial02/
In summary, yes, you need an app. However, you do not need a view, once there will be no router, I suppose. Just expose your model to the admin, for instance:
from django.contrib import admin
from .models import YourModel
admin.site.register(YourModel)
Hope it helps
I am learning Django, I saw so many videos of DJango.
I just wanted to know one thing that can we create an app (like login app, or contact app) without registering it into in admin (admin.py).
Off course it should have model etc to save the contact details or login details etc. Is it possible in Django ?
Just don't create your admin.py file or not register the model that you don't want to see there. Django admin is fully optional.
Django flatpages is a very basic CMS
Django-reversions enables a backup of models past versions access in the admin https://github.com/etianen/django-reversion
How can I keep the flatpages app models under reversion? The models are not explicitly set in my code but come as a built in django feature that is autodiscovered by the admin.
You can register third party models like this
from django.contrib.flatpages.models import Flatpage
from reversion.helpers import patch_admin
patch_admin(Flatpage)
See docs
I am building a Django site framework which will power several independent sites, all using the same apps but with their own templates. I plan to accomplish this by using multiple settings-files and setting a unique SITE_ID for them, like suggested in the Django docs for the django.contrib.sites framework
However, I don't want a user from site A to be able to login on site B. After inspecting the user table created by syncdb, I can see no column which might restrict a user to a specific site. I have also tried to create a user, 'bob', on one site and then using the shell command to list all users on the other side and sure enough, bob shows up there.
How can I ensure all users are restricted to their respective sites?
The most compatible way to do this would be to create a user Profile model that includes a foreign key to the Site model, then write a custom auth backend that checks the current site against the value of that FK. Some sample code:
Define your profile model, let's say in app/models.py:
from django.db import models
from django.contrib.sites.models import Site
from django.contrib.auth.models import User
class UserProfile(models.Model):
user = models.OneToOneField(User)
site = models.ForeignKey(Site)
Write your custom auth backend, inheriting from the default one, let's say in app/auth_backend.py:
from django.contrib.auth.backends import ModelBackend
from django.contrib.sites.models import Site
class SiteBackend(ModelBackend):
def authenticate(self, **credentials):
user_or_none = super(SiteBackend, self).authenticate(**credentials)
if user_or_none and user_or_none.userprofile.site != Site.objects.get_current():
user_or_none = None
return user_or_none
def get_user(self, user_id):
try:
return User.objects.get(
pk=user_id, userprofile__site=Site.objects.get_current())
except User.DoesNotExist:
return None
This auth backend assumes all users have a profile; you'd need to make sure that your user creation/registration process always creates one.
The overridden authenticate method ensures that a user can only login on the correct site. The get_user method is called on every request to fetch the user from the database based on the stored authentication information in the user's session; our override ensures that a user can't login on site A and then use that same session cookie to gain unauthorized access to site B. (Thanks to Jan Wrobel for pointing out the need to handle the latter case.)
You can plug your own authorization and authentication backends that take the site id into consideration.
See other authentication sources on the django documentation and the authentication backends references
Besides that, if your django source is too old, you can always modify the authenticate() or login() code yourself. After all... Isn't that one of the wonders of open source. Be aware that by doing so you may affect your compatibility with other modules.
Hope this helps.
You have to know, that many people complain for Django default authorization system and privileges - it has simply rules for objects, for instances of the objects - what it means, that without writing any code it woudn't be possible.
However, there are some authorization hooks which can helps you to achieve this goal, for example:
Take a look there:
http://code.djangoproject.com/browser/django/trunk/django/contrib/auth/models.py
and for class Permission.
You can add your own permission and define rules for them (there is a ForeignKey for User and for ContentType).
However2, without monkeypatching/change some methods it could be difficult.