I need to view site from admin as another user. Now I'm just changing request.user in middleware. Is it safe or maybe there is more correct solution?
Thanks
Django packages has a list of apps that can handle user switching for you.
Depending on your requirements, just changing it in middleware is a relatively straight forward approach that some packages like django-masquerade takes.
Related
The django rest framework does allow per view authentication schemes:
http://www.django-rest-framework.org/api-guide/authentication/#setting-the-authentication-scheme
I think this is handy and I ask myself why this gets reinvented in the django rest framework.
"Why does django not provide this?" is a question which would get closed here on stackoverflow soon.
That's why I ask:
How to get per view authentication schemes in django?
"Why does django not provide this?"
It's an opinion. I don't see why someone should limit a specific view to some authentication backends. Whatever my/your opinion is, the decision is made in Django/DRF. Contact their mailing list and search their bug repo to find out why a specific decision made.
How to get per view authentication schemes in django?
Before anything be sure you know how Django works. Read all authentication related documents like this and this.
You could go the DRF way: Completely ditch Django authentication and write it yourself. Replace Django authentication backend abstract with your desired one and make a way to configure each view (e.g. Use a decorator to set attributes on you view function or use class based views + some fields). Then add a middleware to authenticate users and replace Django's AuthenticationMiddleware to provide request.user. You should also make sure that things like login_required work without modification or you should provide an alternative.
I have been testing a few django voting apps and found qhonuskan-votes. I have managed to install it and is works great. However, I also want it allow voting rights to non authenticated users which I am not able to do. Need help with this please.
Here is the link for its models.py, views.py and compact.py files of this app.
models
views
compact
You could write a custom view which would look like def vote(request, model, object_id, value) from the external app, but without this piece of code in it:
if not request.user.is_authenticated():
return HttpResponse(status=401)
Also make sure, that you map your custom view to the correct url instead of including app's urls:
url(r'^vote/$', view='custom_vote', name='qhonuskan_vote'))
This is not the best solution, because you are simply rewriting the code from the external app and I can't think of any proper way to override the default view in a way that would suit your needs. A better solution would be to use a different app, which allows votes by unauthenticated users (if a few lines of additional code are not a problem you can use this).
I've been working on a Django-Mongodb application. I was trying to use django-registration module in my project, but never got it to work.
https://github.com/lig/django-registration-me
Have anyone used django-registration in their django-nonrel? If you do, can you point me some instructions? What should User model look like since it is in django-nonrel?
Thanks in advance,
Since nobody really answered it, and I figured it out. I will just answer my own question as the reference for others who might be having the same problem.
I found it easier to use Mongoengine Authentication backend on top of Django authentication. Use the following in settings.py.
AUTHENTICATION_BACKENDS = (
'mongoengine.django.auth.MongoEngineBackend',
)
SESSION_ENGINE = 'mongoengine.django.sessions'
https://mongoengine-odm.readthedocs.org/en/latest/django.html
Apart from that you use pretty much the same code as in regular django, and a bit different at accessing the user from request. Just need to:
from mongoengine.django.auth import User
And if you use form in django, you probably end up using form for mongodb instead.
https://github.com/jschrewe/django-mongodbforms
Is there a good way to have both the login and register forms for django-registration on one page? I've had trouble finding a way to do it now that the backend system is enforced. Is there a view that can be overwritten that would allow you to add both forms to it? Anyone done this before or can point to an article about this?
Edit: Just to clarify I have the whole django-registration and login system set up and working properly, I'd just like to get both forms on the same page. I do not have access to their views.
Just hard-code your login-form in the registration-html-template. It should work like a charm.
You can always override the default login and registration views/templates. You can take a look at this link and see if this was what you were thinking to do. Then, you can read the Django documentation for further information about making custom login and registration views and templates as well.
Is there a good way provide user configurable app settings in Django admin?
Basically I would like to have a nice forms where site owner can easily edit such one off information as his contact information, front page text content, etc. Sort of like a normal admin interface of a model, but limited to only one undeletable item in the model.
I think django constance is the way to go. Alive and compatible with django 1.4.
The third-party project django-dbsettings is ideal for this.
I looked at dbsettings and liked some of what I saw, but I really wanted a more centralized, organized system. So I built django-appsettings. Enjoy :)
Found this: django-livesettings