On Sat, Sep 25, 2010 at 11:13 AM, Harro <[email protected]> wrote: > Authentication = verification > Login = saving the authenticated user so we remember them. > > Putting login on the user model is a bad idea. > That will only make the whole auth app less flexible than it already > is. > What if I have another model which isn't a user but is able to login. > > Besides.. is_active does not mean you're not allowed to log in.. I'm > currently on a website where a user can register and do things on the > website right away and they won't be active till they have verified > their e-mail address. So the in active user can login and start using > the basic features right away. >
As far as django.contrib.auth is concerned it does. If your login forms extend from django.contrib.auth.forms.AuthenticationForm, you wouldn't be able to log in using an inactive account. The help text for is_active also clearly indicates the intended usage of this flag: "Designates whether this user should be treated as active. Unselect this instead of deleting accounts." Of course, if you work around all that, and don't use most of the contrib.auth framework, then you can use it to mean anything you like. Cheers Tom -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
