There was a session at this year's DjangoCon about this very topic. You
can see it on YouTube at https://youtu.be/uLPZYuj7yTg
On Sunday, October 15, 2017 at 10:06:06 AM UTC-4, majvan wrote:
>
> Hello,
>
> in my application I wanted different user types each having different
> authentication method.
> I think to create authentication backend for each User model is possible.
> The difficult part here is to create different user models. AFAIK, all the
> user classes have to be derived from AbstractBaseUser or its child. So I
> added this to the settings:
>
> AUTH_USER_MODEL = 'myauth.AuthBaseUser'
>
> So I wanted to create some AuthBaseUser class in my application which will
> contain all the common fields for different user types, but it will not
> represent any particular type of user.
> The user types I have:
>
> 1. Normal user (UUID, email, name, address, password)
> 2. Remote application (UUID, name, generated random secret)
> 3. (other type of remote application with different fields)
>
> The authentication for the Normal user would be with webpage email +
> password. The authentication for the Remote application would be with UUID +
> random secret with JSON to ask for the temporary token.
>
> I tried to abstract the AuthBaseUser:
>
> import uuid
>
> from django.contrib.auth.models import AbstractBaseUser, PermissionsMixin
> from django.db import models
> from django.utils.translation import gettext_lazy as _
>
> class AuthBaseUser(AbstractBaseUser, PermissionsMixin):
>     # 'pk' is reserved in Django and cannot be used as a field name
>     id = models.UUIDField(primary_key=True, unique=True, default=uuid.uuid4,
>                           editable=False,)
>     name = models.CharField(_('name'), max_length=128, blank=False)
>     typ = models.CharField(max_length=16, choices=USER_TYPES,
>                            default='normaluser',)
>     # auto_now_add and default are mutually exclusive
>     date_joined = models.DateTimeField(_('date joined'), auto_now_add=True)
>     last_login = models.DateTimeField(_('last login'), auto_now_add=True)
>     is_active = models.BooleanField(_('active'), default=True)
>     #NOTE: no password field here
>
> Then I wanted to create a RemoteAppUser and NormalUser with 1:1 mapping
> like this:
>
> class NormalUser(AuthBaseUser):
>     user = models.OneToOneField(AuthBaseUser, on_delete=models.CASCADE)
>     email = models.EmailField(_('email address'), unique=True)
>     is_superuser = models.BooleanField(_('superuser'), default=True)
>     #password = #not decided yet what to add here; for remote app we will
>     #have 256b of SHA256's random generated value
>
>     EMAIL_FIELD = 'email'
>     # list.append() returns None, so build a new list instead
>     REQUIRED_FIELDS = AuthBaseUser.REQUIRED_FIELDS + ['email', 'password', ]
>
>     objects = NormalUserManager()
>
>     def __init__(self, *args, **kwargs):
>         # name this class in super() so AuthBaseUser.__init__ also runs
>         super(NormalUser, self).__init__(*args, **kwargs)
>
>     def __str__(self):
>         return self.get_username()
>
>     def get_full_name(self):
>         return self.get_username()
>
>     def get_short_name(self):
>         return self.get_username()
>
>
> Is there any recommended way to handle such different users? Note that for
> example I would like to store the RemoteApp's secret as SHA256, but I do not
> need to run the permutations several times with seed etc.
>
> Thanks,
>
> jv
>
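Added example, not part of the original thread and not Django's own code: one way to do the UUID + random secret check described in the question while storing only a single SHA-256 digest. A single unsalted hash is sufficient here only because the secret is 256 bits from a CSPRNG; iterated password hashers exist to compensate for low-entropy human passwords. `RemoteAppStore` and its methods are hypothetical names, and the in-memory dict stands in for a RemoteAppUser table.

```python
import hashlib
import hmac
import secrets
import uuid

# Compared against when the UUID is unknown, so both paths do the same work.
_DUMMY_DIGEST = hashlib.sha256(secrets.token_bytes(32)).digest()


def _digest(secret_hex):
    """SHA-256 of the raw secret; None unless the input is 32 bytes of hex."""
    try:
        raw = bytes.fromhex(secret_hex)
    except (ValueError, TypeError):
        return None
    return hashlib.sha256(raw).digest() if len(raw) == 32 else None


class RemoteAppStore:
    """Hypothetical in-memory stand-in for a RemoteAppUser table."""

    def __init__(self):
        self._rows = {}  # uuid.UUID -> {"name", "secret_sha256", "is_active"}

    def register(self, name):
        """Create an app; the plaintext secret is returned once, never stored."""
        app_id = uuid.uuid4()
        secret_hex = secrets.token_hex(32)  # 256 bits from the OS CSPRNG
        self._rows[app_id] = {"name": name, "is_active": True,
                              "secret_sha256": _digest(secret_hex)}
        return app_id, secret_hex

    def deactivate(self, app_id):
        self._rows[app_id]["is_active"] = False

    def authenticate(self, app_id_text, secret_hex):
        """Return the app's name on success, else None for every failure."""
        try:
            app_id = uuid.UUID(app_id_text)
        except (ValueError, TypeError, AttributeError):
            app_id = None
        row = self._rows.get(app_id)
        presented = _digest(secret_hex) or b""
        stored = row["secret_sha256"] if row else _DUMMY_DIGEST
        ok = hmac.compare_digest(presented, stored)  # constant-time compare
        if ok and row and row["is_active"]:
            return row["name"]
        return None
```

In a Django project the same check would live in the `authenticate()` method of a custom authentication backend for the remote-app user type, with the digest in a model field.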