In Django, on a recommended setup, a UserProfile instance is linked by a OneToOneField with its User instance.
class UserProfile(models.Model):
user = models.OneToOneField(User)
data = ...
What is the most efficient way inside a view for retrieving both, user and profile?
Can I do a select_related() inner join query, to get both objects with one database hit? Or does it always come down to two separate calls? Possibly, Django's auth middleware retrieves the user instance even before the view is called ... does anybody know?
The user profile can be retrieved using get_profile().
See documentation: https://docs.djangoproject.com/en/dev/topics/auth/#storing-additional-information-about-users
Related
I have an model named Customers(username,password ..etc) and also an model named User(username,password...etc).
I want to create two different APIs with different authentication.
One should authenticate with the User username,password
and the second should authenticate using the Customers username,password.
Any idea on how can I do this?
Thank you!
I suggest the following options:
1.
I am assuming User model is the "real" user of your app. If this is true use the django's default User model class. It will work out of the box.
For the Customer model, make it inherit from AbstractBaseUser, this will give you password functionality out of the box and you can add other fields as per your need.
Now you can create 2 different urls for login. 1 url for user which checks in the User model and the other for the customer model. This avoids any confusion for everyone.
If you prefer a single url, you have to mention the model class along with username and password to know in which table to verify them.
2.
Create two profile models: UserProfile and CustomerProfile
Each will have a one to one relationship with the django's default User model.
Basically a User can have the profile of a "real" user or of a customer.
In this case when you are creating any User you have check if you want to attach a UserProfile or a CustomerProfile.
In this case it makes sense to just use a single login url. From the user's login information you can first fetch the user from the User table and then check if it is a customer or not by running a query in the CustomerProfile table.
I recommend you to use the django.contrib.auth.user class for your classical authentication. You can either inherit from that class or add a OneToOne relation to your own model as follows
from django.contrib.auth.models import User
class YourUser(models.Model):
user = models.OneToOneField(User, on_delete=models.CASCADE)
For the rest of your question you should add some more details and even some pieces of your code.
I'm creating an event following/signup system that uses Django REST Framework and can't figure out how to properly set this up.
In my events model I have:
followers = models.ManyToManyField(get_user_model(), related_name='following')
Ideally, an authenticated user could use a POST or PATCH to add or remove themselves from the followers record for a given event. Though I'm not really sure what the best way to do that would be.
My current thinking would be to create a serializer that only exposes the followers field, then create an APIView using that serializer with login in the get and post/patch methods to add or remove the specific user.
I'm getting the feeling that this is over-complicating things though. Is there an easier way to do this?
What do you think about using a 'through' model for the M2M relation?
I mean:
class Follower(...:
user = FK user
event = FK event
...
followers = models.ManyToManyField(get_user_model(), through=Follower ...)
...
In this case you are able to create quickly a model serializer and a generic view for the model Follower. In order to add or remove a user to an event you just send POST or DELETE requests to this resource
For my needs builtin model User is not enough... So I have my own model UserProfile and I want make authentication on site through this model (UserProfile does not inherit from User model and not related to it at all).
My Model:
class UserProfile(models.Model):
password = models.CharField(max_length = 40)
email = models.EmailField(max_length = 72, unique = True)
## Add this so that you can use request.user.is_authenticated
def is_authenticated(self):
return True
But builtin authentication uses model User.
So I want to understand how can I change that, so authentication use my model UserProfile with all auth features???
A good tutorial would be great!
(Step by step in views, models and authentication)
PS: I know I can store extra data in other model but I don't want that
Here's an even more extreme example but illustrates that what you want to do can be done. The author not only replaces the User model which the authentication backend uses but also uses SQLAlchemy instead of the Django ORM. http://tomforb.es/using-a-custom-sqlalchemy-users-model-with-django
The main point is that you need to write your backend authenticate and get_user methods to retrieve your custom User model. If you want to also support permissions you would need to write has_perm.
I used this article and it worked good enough for me, hope it can be useful for you.
Sultan
I need to add a BooleanField and a ManyToManyField to my users. I'm using django-social-auth. It seems I could use 'CustomUser'. I guess that's what it's for, but how do I take it into use?
I would need to know:
where to define these new fields
How to add them to the new user when the user is created (ie logs in)
How the query the fields afterwards (ie User.myBooleanField?)
Thanks!
Create a model called CustomUser or UserProfile, whatever you want, with these fields.
In settings.py add a setting AUTH_PROFILE_MODULE = "account.UserProfile", with what you named your model.
In the signals for social_auth, make sure the user has a profile, and if not create it for them when the user is created.
Now anywhere in the site you can call user.get_profile() and you'll have access to these fields.
I have a class UserProfile defined which takes the default user as a foreign key.
Now another class A has a foreign key to UserProfile.
So for saving any instance in class A, how do i give it the userprofile object.
Also, does making a class UserProfile mean that class user is still used and class UserProfile is just some other table?
I need to know this as I have to take care of the user profile creation, so I should know what gets stored where?
--
Confused
So for saving any instance in class A,
how do i give it the userprofile
object.
Create a app with a model which has a models.OneToOneField(User) or a models.ForeignKey(User, unique=True).
Make your project aware of your UserProfile by pointing to it from the settings.py file AUTH_PROFILE_MODULE = 'myapp.UserProfile'.
Read the documentation.
Also, does making a class UserProfile
mean that class user is still used and
class UserProfile is just some other
table?
Yes, your database will have both a auth_user and a user_profile table. This is due to the fact that using UserProfiles doesn't mean all user have to have profiles. Only the additional fields defined in the UserProfile model will be in the user_profile table.
I need to know this as I have to take
care of the user profile creation, so
I should know what gets stored where?
James Bennett created two nice apps which with a few hours of careful reading will be of great help especially when it comes to the user registration part. Go look at django-registration and django-profiles.
I assume your UserProfile model is intended to store additional information about your users. If so, there's documentation about the best approach to do this, which in brief is:
define a model with fields for the additional information you'd like to store, or additional methods you'd like to have available, and also add a OneToOneField from your model to the User model. This will ensure only one instance of your model can be created for each User.
Set AUTH_PROFILE_MODULE to myapp.MyModel, where myapp is the app containing the model MyModel which you want to use to store extra information about your users.