Hello everyone,

I'm planning to apply for the GSoC Enhanced auth.user project. I worked on several Django-based projects before. (hackerspace os (http://code.google.com/p/hackerspace-os/) is probably the biggest one (used by the Austrian hackerspace metalab (http://metalab.at)) and a lot of smaller ones.)

I faced some limitations of the auth framework when I tried to write a custom auth backend for Django on Google App Engine (http://bitbucket.org/d3f3nd3r/djangoappengine-helpers/). The problem was that the auth framework forces you to call a login() function when the user logs in and set request.session[SESSION_KEY] and request.session[BACKEND_SESSION_KEY]. When using Google Accounts for authentication, no Django login method is called. But the django.contrib.auth.__init__ get_user() method depends on request.session[SESSION_KEY] and request.session[BACKEND_SESSION_KEY], so a custom backend with a custom get_user() won't work without a modified middleware. (http://groups.google.com/group/django-non-relational/browse_thread/thread/36b760c515b75c0e)

My first approach to make the auth system more flexible is to make the methods in django.contrib.auth.__init__.py more flexible, so the methods don't force you to call a Django login method. All backends will have to extend a base backend class and implement the get_user(), login(), ... methods. The request.session stuff will be moved to the ModelBackend (other model-based backends can extend ModelBackend). So it will be easy to create custom backends for Google Accounts, Twitter, Facebook, ... that work out of the box with the Django auth system.

The second task will be to make the user model more extendable. I think the way suggested by David Danier (ticket: http://code.djangoproject.com/ticket/3011) is a good one. Move all the login and permission stuff to extra Permission and Auth base classes. A base model class for authentication will only contain an ident field (we don't need to store user name / password / email if we use a remote service for authentication, but we have to link the remote service user to the Django user model). The "old" contrib.auth.models.User class will extend the two classes (Permission and Auth) and add all the extra fields (username, first and last name, ...) so it won't break existing apps.
A list of accepted user classes can be passed to the backends.

I know this is a tough issue, but I'm really interested in working on the problem. Please post your comments, ideas, suggestions, ..., so we can find a good solution (and maybe a successful proposal for GSoC).

Flo
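
An added sketch of the backend split proposed in the message above; it is not Flo's code and not Django's API. It runs without Django: Request, BaseBackend, RemoteAccountBackend, remote_ident and the dispatcher get_user(request, backends) are hypothetical names, and remote_ident is assumed to be set only by the trusted hosting platform, never taken from client input.

```python
from dataclasses import dataclass, field
from typing import Optional

SESSION_KEY = "_auth_user_id"
BACKEND_SESSION_KEY = "_auth_user_backend"

@dataclass
class Request:  # hypothetical stand-in for an HTTP request
    session: dict = field(default_factory=dict)
    remote_ident: Optional[str] = None  # identity asserted by the platform

class BaseBackend:
    name = "base"
    def login(self, request, user_id):
        raise NotImplementedError
    def get_user(self, request):
        raise NotImplementedError

class ModelBackend(BaseBackend):
    """Owns the session bookkeeping that the message wants moved here."""
    name = "model"
    def __init__(self, users):
        self.users = users  # constructed sample store: {user_id: user}
    def login(self, request, user_id):
        request.session[SESSION_KEY] = user_id
        request.session[BACKEND_SESSION_KEY] = self.name
    def get_user(self, request):
        # Only honour a session entry that this backend wrote itself.
        if request.session.get(BACKEND_SESSION_KEY) != self.name:
            return None
        return self.users.get(request.session.get(SESSION_KEY))

class RemoteAccountBackend(BaseBackend):
    """Remote service did the login; only the ident -> user link is stored."""
    name = "remote"
    def __init__(self, ident_to_user):
        self.ident_to_user = ident_to_user
    def login(self, request, user_id):
        pass  # nothing to record: no session keys are needed
    def get_user(self, request):
        if request.remote_ident is None:
            return None
        # Unknown idents stay anonymous instead of being auto-provisioned.
        return self.ident_to_user.get(request.remote_ident)

def get_user(request, backends):
    """Ask each backend in turn; no session key is read at this level."""
    for backend in backends:
        user = backend.get_user(request)
        if user is not None:
            return user
    return None  # anonymous
```
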