I creating a page which already login with account's user and has a link to do login with another account. But I have no idea, yet. Anyone have some cool idea?
Django's session engine manages per-user sessions, i.e. each user (auth.User instance) gets a single session, his own.
While that does mean you have to track each user under a single auth.User instance, it doesn't mean you can't create a UserProfile that will implement a custom layer which tracks multiple accounts (I'd use this term loosely) with an single auth.User instance.
That's what you usually do if you accept multiple login mechanisms. For instance, your users may have an existing account to which they can log in using their registered username, password, but they can also login via OpenID or their Facebook account.
Related
I am creating a flask app to be used internally in my company. I would like to restrict what a user can do it based on its login ID. I read a lot about using LDAP3 but I don't think I can do what want which send the login ID to the server. There I would have a table which will register which part of the system has the permition to edit. If it try to change somenthing not permited the app will retrieve a warning message.
I won't to do that to avoid having to create a separate login functionality just for this app. I read that I should use AD authentication but I am not very familiarized with that and I would also like to avoid having to ask our IT department to create user groups there for each part of my system.
I know that I can do that using ASP .NET (at least I did once).
Any guidance will be apreciated.
I think you are looking for Role-based Authorization.
In order to use this functionality you will need to implement roles on your model file per the Data-models documentation.
This will allow you to assign users a role when they are created, and you can use a decorator on your routes to 'require' the user to have the role you want them to have before they access the endpoint.
I need to map one social account (created on a Django server with django-oauth-toolkit) to several different logins in a Django website. I already managed to connect and the server passes all allowed accounts so that the client connects as one of them.
I'd like to add the possibility to prompt for the choice of which of the accounts should be used. I'm currently connecting the user in the pre_social_login method of the account adapter.
The only idea I have is to persist in the session the available accounts and redirect to a page to select the preferred one. I'd like to understand if there's a better way.
I want make sign up and login on the base of their role there admin can add users and approved the request of other two user so that they can login.When user click on the sign up the user see sign up page accorading to their roll and same for login .
Django implements a pretty decent authentication framework inside it, so you already have things such as Users, Groups and Permissions to work on. All of those being managed easily by the admin page.
What you want to do is to assign a set of groups/permissions to a newly created user to determine its role and then build a frontend that manages the different kind of users in terms of templates. If you want an user to have itself validated before start using your page, refer to the is_active attribute of the User object.
Read for more information:
https://docs.djangoproject.com/en/2.2/topics/auth/default/#user-objects
Django-Social in its feature list claims that it supports associating multiple authentication providers to a single user account.
I can't seem to figure out how to use that feature.
When I try to login using a new authentication provider it automatically seems to be creating a new account for each provider.
Any ideas?
Sarvi
Take a look to django-social-auth, it's simpler and easier to setup than Django-Socialauth.
Multiple account association is supported but limited to logged in users to avoid the decision of which user instance must be removed.
it supports associating multiple authentication providers to a single user account
By looking at the code for models.py here, socialauth has a UserProfile for each provider, associating them to the User object which you use for basic authentication. So indeed, what it claims is true.
It can be done manually through admin once you have logged in with multiple accounts. Then the Socialauth models for the accounts can be adjusted to point at the User they are required too and multiple accounts can point to the same user.
But I have not had a good enough look to work out how to let users do this automatically for themselves. It does not work out of the box if you sign in to another account if while already signed into an existing account.
I want to let a logged-in and registered user create extra user accounts that he will be the admin of. These accounts will be special "subordinate" accounts that are tied to the user creating them. He should be able to add/modify/delete these accounts kind of like the theory of how a Google apps administrator manages the accounts for his company (you are a regular user, but also create/destroy other users.)
The subordinate accounts cannot create/modify/delete accounts (except change their own password and normal user behavior.) I'm using the django auth model for all of these accounts. What is a good way to access the auth methods to add/modify/delete accounts from my own custom built webpages without using any admin code?
First, you'll need to extend your User model. Then: Add a field that represents the class of user - "subordinate" or "admin". Add a field that references the "admin" User via foreign key so you can group users by their "admin". Create views that check the class of user and allow creation, edit, deletion of "subordinate" user accounts if user class is "admin".