Since i'm not using the Auth User from Django, I have my own model CustomUser and I want make authentication on site through this model (CustomUser does not inherit from User model and not related to it at all).
class CustomUser(models.Model):
password = models.CharField(max_length = 40)
email = models.EmailField(max_length = 72, unique = True)
#stuff...
I checked https://docs.djangoproject.com/en/dev/topics/auth/#writing-an-authentication-backend and the main thing I don't understand is:
from django.contrib.auth.models import User
Do I need to import Django User if I want to use my CustomUser?
I can't find a good tutorial which explains how you can use Django without standard Auth User.
*edit:
I know I can extend with User. But I just don't want that. The question is not: what is the best way to use User and store additional information etc etc. I appreciate it though.
BUT how I can use a Custom User without using Auth User. Even if I don't have a reason to. *
If it is possible I want to know how.
The whole Django auth system is tightly coupled with django.contrib.auth.models.User, so you should use it in the backend. Quoting Django docs
For now, the best way to deal with this is to create a Django User object for each user that exists for your backend
But the main question here is: what is so special about your CustomUser that you can't implement with normal User model (may be extended)? In 99% of cases using User is the best way.
Check out this post.
Most of the Django projects I’ve worked on need to store information about each user in addition to the standard name and email address held by the contrib.auth.models.User model.
If you’re using trunk as of revision 7477 (26th April 2008), your model classes can inherit from an existing model class. Additional fields are stored in a separate table which is linked to the table of the base model. When you retrieve your model, the query uses a join to get the fields from it and the base model.
http://scottbarnham.com/blog/2008/08/21/extending-the-django-user-model-with-inheritance/
And this post.
Copy the auth application over into your own project and modify it to your needs. This avoids some of the maintenance troubles, but removes the utility of Django bundling an auth system in the first place. It can also cause compatibility problems with other applications which expect the User model to be in django.contrib.auth.
http://www.b-list.org/weblog/2006/jun/06/django-tips-extending-user-model/
Perhaps this answers your question:
From 'https://docs.djangoproject.com/en/1.6/topics/auth/customizing/#substituting-a-custom-user-model':
Substituting a custom User model
New in Django 1.5.
Some kinds of projects may have authentication requirements for which Django’s built-in User model is not always appropriate. For instance, on some sites it makes more sense to use an email address as your identification token instead of a username.
Django allows you to override the default User model by providing a value for the AUTH_USER_MODEL setting that references a custom model:
AUTH_USER_MODEL = 'myapp.MyUser'
This dotted pair describes the name of the Django app (which must be in your INSTALLED_APPS), and the name of the Django model that you wish to use as your User model.
Of course there are some requisite warnings to consider (available at the above link), but this is looking like a good answer to your question: https://docs.djangoproject.com/en/1.6/ref/settings/#auth-user-model
There are also some custom model compliance expectations to consider (too many to list here): https://docs.djangoproject.com/en/1.6/topics/auth/customizing/#specifying-a-custom-user-model
Unless there can be more than one value for AUTH_USER_MODEL (I doubt that is sane), then I think I will need to build my own custom authentication backend: https://docs.djangoproject.com/en/1.6/topics/auth/customizing/#writing-an-authentication-backend
I hope this helps any other lost souls out there that need distinct User and Device authentication schemes (perhaps because of some pre-existing spec that makes messy what could be soooo easy).
Cheers!
Related
This is for a practice project I am building to learn Django. The site will need to track certain data about the user. Should I customise the default User model? Or create a new model like -
class UserData(models.Model):
'''holds user info'''
owner = models.ForeignKey(User)
# data
I couldn't find a clear answer.
It really depends. I would recommend keeping User model small, and put most of the additional information in some kind of Profile model. However, there are certain important things that you may want to place in the User model, for example:
user_type field - you may have multiple Profile models (think CustomerProfile, VendorProfile etc.) and you need a way to distinguish User and grant appropriate access to them
Something related to authorization, like require_2fa field
If you are starting a new project and don't expect a lot of additional info, you may keep them in the User model just for simplicity, especially if you are already customizing it (i.e. to replace username with email)
Users are special so it is better to use django.contrib.auth.models.AbstractUser to keep the the default user model behaviour and add your custom fields there.
from django.contrib.auth.models import AbstractUser
class CustomUser(AbstractUser):
pass
I've wrote an article about it that I think it would be userful in this case.
I am building a food ordering website with Django. I want my users to register an account on my site, and they should sign in to actually order. I want to use the User class built in with Django, but that doesn't include necessary fields like address, confirmation ID, and phone number. If I build a custom User model, that doesn't have many good helper functions which I can use like auth.authenticate. I searched this topic, and I found that I could use AbstractUser. But when I inherited my CustomUser class from AbstractUser, some strange things began to happen. After some more research, I found out that changing the User model after applying my built-in migrations give some errors as there are some relationships or something.
I deleted my database and created a new one. Now, I am extending my CustomUser class from the built-in User class. This works fine, only you can't do auth.authenticate checking with the, confirmation ID for instance. Also, it seems to create two models every time I create a new CustomUser, the other on in the Users under the auth tab.
Can you tell me any good way to connect the User model with a few more fields after applying the built-in migrations? Thanks in advance.
You should extend from AbstractUser and not User class ( behaviour you are experiencing is Multi-table inheritance (as documented))
Whole process of substituting default user model is well documented
this is my first question on stackoverflow. I am a beginner programmer and kind of have issues with programming logic.
My issue is that I have a model(which happens to be a form) which collects important information from the users, I want to be able relate this model with the individual user since it has the information about them that I need.
Any form of help is appreciated...By the way am using the Django web framework.
Before 1.5: https://docs.djangoproject.com/en/dev/topics/auth/#auth-profiles, add a model that links OneToOne to the User model provided by Django and telling about that model in settings.py with the global AUTH_PROFILE_MODULE
After 1.5: https://docs.djangoproject.com/en/dev/topics/auth/#auth-custom-user, the previous method is deprecated. Now you have to fully customize the User model provided by Django.
If you are a new user, I suggest the following links:
EXTENDING USER MODEL IN DJANGO
Storing additional information about users
Generally, you create a normal model with a foreign key to the Django User model. Then add any other fields you would want to store for a user e.g. date of birth, website, favorite color, etc.
I am building an API with Django Tastypie and I am trying to implement the ApiKeyAuthentication.
My system doesn't use the built in User model that Django provides and all the examples seem to rely on that.
I've created my own version of the User model called Author which is much simpler. For the ApiKeyAuthorization I was hoping to be able to use the id of an Author rather than the username of the User model.
Is there a way I can build this authorization system without using the User model?
ApiKeyAuthentication relies on Django's builtin User object. It's a fairly simple class implementation, looking at its source should give you an idea how to write your own Authentication model.
I just started a Django project (there are no apps in it). I activated the admin in settings file and can access the Django administration page. There is a column in Django page to add users; while adding users I get only three fields under personnal info, but I need to store some more information about users. I Googled around and found that I can use user profiles to accomplish this. I tried, but I am having problems.
My aim is to add three more fields to the user table:
role
contact number
other
I need details like: which function I need to write and where to do this.
I found this, but I do not know where I need to write these steps. I would greatly appreciate a more clear explanation of this.
Django User Profiles is what you need. The blog you linked to has clear steps on how to do it. You can check out the Django documentation. http://www.turnkeylinux.org/blog/django-profile also provides a good explanation.
Basically you need to create a new model with User as ForeignKey and define the model in the settings.py as AUTH_PROFILE_MODULE = "django_app.your_profile_modelname". Create the profile and save it just like any other model, and access it using user.get_profile()
Adding a couple of things in response to your questions below:
First, do not create apps as a directory. Use startapp <appname> [destination] as described here. That will create the app directory.
Second, you have to add the app to INSTALLED_APPS in the project's settings file, do a syncdb. Basically, follow the steps in Django tutorial on writing your first app.
Third, UserProfile is a separate model. It is not an extension of User. It is associated with the User just because you added User as the ForeignKey.
Fourth, to be able to see the user profile model in admin, you do exactly what you would do to add any other model to admin page. Create a file names admin.py under your app with:
from django.contrib import admin
from myproject.app.models import UserProfile
admin.site.register(UserProfile)
There are three key concepts to understand:
There is no built in "profile" system in Django, beyond the limited auth app which is really geared just to user login. You are expected to roll your own.
There is nothing magical about a profile record in itslef, it is just like any other record that takes User as a foreign key (or, more properly, a one-to-one field as per the docs). You create it by creating a custom django app (traditionally called profiles) and a model for that app (traditionally called UserProfile, since Profile is not allowed as a model name).
The only thing that sets UserProfile aparts as a model is that you specify it as the AUTH_PROFILE_MODULE which means that it is accessible when called .get_profile() on a User record. That's it. If you set up the UserProfile like so:
def UserProfile(models.Model):
user = models.OneToOneField(User, related_name='profile')
other fields
then you can also access the profile as user.profile rather than user.get_profile() which some people prefer.
Again, nothing magical about the profile model -- it is just a model record like any other model record.
If you want to be able to edit additional fields within the user form that's more complicated; easiest way is probable unregister User and then register it again using your custom ModelAdmin and form class but judging by your question you're probably not at that level yet.