Thank you so much for all this info. This really clarified things for me. On Tuesday, April 4, 2017 at 1:42:44 AM UTC-4, Antonis Christofides wrote: > > Hello, > > this is far from an incredibly stupid question. > > As you know, RDBMS's keep their own list of users and have sophisticated > permissions systems with which different users have different permissions > on different tables. This is particularly useful in desktop applications > that connect directly to the database. Web applications changed that. > Instead of the RDBMS managing the users and their permissions, we have a > single RDBMS user as which Django connects to the RDBMS, and this user has > full permissions on the database. The actual users and their permissions > are managed by Django itself (more precisely, by the included Django app > django.contrib.auth), using database tables created by Django. What a user > can or cannot do is decided by Django, not by the RDBMS. This is a pity > because django.contrib.auth (or the equivalent in other web frameworks) > largely duplicates functionality that already exists in the RDBMS, and > because having the RDBMS check the permissions is more robust and more > secure. I believe that the reason web frameworks were developed this way is > independence from any specific RDBMS, but I don't really know. > > So the canonical way of working is to have a single *database user* as > which Django logs on to the database, with full permissions on the database > (including permission to create and delete tables), and many *Django > users*, each one with different permissions. Typically only one Django > superuser is created. I call the superuser "admin", which I believe is the > common practice. > > You can probably do things differently, and maybe there exist custom > database backends that would allow you to switch the database user on > login, but if there's no compelling reason you should really stick to the > canonical way. > > Regards, > > A. > > Antonis Christofideshttp://djangodeployment.com > > > On 04/03/2017 09:50 PM, [email protected] <javascript:> wrote: > > Hey everyone, > > I'm new to Django and web development overall so please bare with me. I > may be asking an incredibly stupid question. > > In the DATABASES dictionary in settings.py: > > DATABASES = { > 'default': { > 'NAME': 'something', > 'ENGINE': 'django.db.backends.mysql', > 'USER': 'mysql_user', > 'PASSWORD': 'blahblah' > } > > Is it possible for me to add more then one user and password? I am working > with a team and we all have seperate mysql users. Also, is it preferred to > just have one super user for Django? > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] <javascript:>. > To post to this group, send email to [email protected] > <javascript:>. > Visit this group at https://groups.google.com/group/django-users. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-users/075b8505-df99-425f-8fc8-0873f6f78c64%40googlegroups.com > > <https://groups.google.com/d/msgid/django-users/075b8505-df99-425f-8fc8-0873f6f78c64%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > > >
-- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/7c75448e-2b1a-45cc-a825-3929419d667b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
