How to use django login_required decorator for custom authentication backend?
Hi, I have created an authentication backend that allows users to login using their username, password and institute id. Although the user can login but it doesn’t get access to the view with login_required decor. When I login to the site it redirects to this url: ' http://xxx.xx.xx.x:/accounts/login/?next=/accounts/rhome/'. How can I set authentication restriction (or login_requied decor) on specific view in this case? Any suggestions will be greatly appreciated. Here is what I tried. *backends.py:* *class AuthBackend(object): supports_object_permissions = True supports_anonymous_user = False supports_inactive_user = False def get_user(self, user_id): try: return User.objects.get(pk=user_id) except User.DoesNotExist: return None def authenticate(self, username=None, password=None, institute_id=None):User = get_user_model() try: userid = User.objects.get(username=username) profile = Profile.objects.get( Q(user_id=userid.id) & Q(institute_id=institute_id) ) user = User.objects.get(id = profile.user_id) if user.check_password(password): return user except ObjectDoesNotExist: return None* -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/0847e5b4-a2ed-4d5c-a539-63207785677fo%40googlegroups.com.
Custom authentication backend does not get credentials
Hi everyone
My project uses two authentications ways for different users. Administrator
users authenticate themselves with username and password (ModelBackend).
Customers authenticate themselves with phonenumber and token (custom
authentication backend).
My custom backend authentication backend never gets the credentials. It
only works if I use username and password.
class CustomerBackend:
def authenticate(self, request, phonenumber=None, token=None, **kwargs):
print(phone_number)
print(token)
print(kwargs)
return None
It shows:
None
None
{'phonenumber': '+17786432446', 'token': 'abc'}
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/e83d5a88-1086-4827-89fd-a9ddb8842b4f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Re: Django rest framework JWT and custom authentication backend
On Saturday 27 May 2017 02:08:02 Robin Lery wrote: > curl -X POST -d "email=ad...@gmail.com=123123" > http://localhost/api-token-auth/ > > "non_field_errors": [ > "Unable to log in with provided credentials." > ] > > What am I missing? Why is it that its working while loggin to the > django admin site, but get error when getting token with django rest > framework jwt? Shot in the dark: Your payload is not json. -- Melvyn Sopacua -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/17698992.v6nmsmD0e2%40devstation. For more options, visit https://groups.google.com/d/optout.
Django rest framework JWT and custom authentication backend
I have a custom user model and have created a custom authentication
backend. I am using django rest framework JWT
<http://getblimp.github.io/django-rest-framework-jwt/#extending-jsonwebtokenauthentication>
for token authentication.
User model:
class User(AbstractBaseUser, PermissionsMixin):
email = models.EmailField(
unique=True,
max_length=254,
)
first_name = models.CharField(max_length=15)
last_name = models.CharField(max_length=15)
mobile = models.IntegerField(unique=True)
date_joined = models.DateTimeField(default=timezone.now)
is_active = models.BooleanField(default=True)
is_admin = models.BooleanField(default=False)
objects = UserManager()
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = ['first_name', 'last_name', 'mobile']
Auth backend:
class EmailOrMobileAuthBackend(object):
def authenticate(self, username=None, password=None):
try:
user = get_user_model().objects.get(email=username)
if user.check_password(password):
return user
except User.DoesNotExist:
if username.isdigit():
try:
user = get_user_model().objects.get(mobile=username)
if user.check_password(password):
return user
except User.DoesNotExist:
return None
else:
return None
def get_user(self, user_id):
try:
return get_user_model().objects.get(pk=user_id)
except User.DoesNotExist:
return None
And have added in the settings.py:
AUTHENTICATION_BACKENDS =
('accounts.email_mobile_auth_backend.EmailOrMobileAuthBackend',)
While to log in to django admin site, both the email and mobile number
works fine in authenticating the user. However, when I try get the token
for the user using django rest framework JWT
<http://getblimp.github.io/django-rest-framework-jwt/#usage>, I get an
error:
curl -X POST -d "email=ad...@gmail.com=123123"
http://localhost/api-token-auth/
"non_field_errors": [
"Unable to log in with provided credentials."
]
What am I missing? Why is it that its working while loggin to the django
admin site, but get error when getting token with django rest framework jwt?
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/CA%2B4-nGqs8vvev5Y13Q2q1rtoL%3DHzUOhsfOkwV_aSOtS9jinXYw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Django custom Authentication Backend
Hello everyone I've been trying to create a custom Authentication Backend in Django , It worked .. And it returns an authenticated user and It Logs-in successfuly, BUT , whenever I refresh the page or move for another page it just logout ! it doesn't stuck logged in . here's the backend snap : from django.contrib.auth.models import User class SBAT(ModelBackend): def authenticate(self, username=None, id=None): try : user = User.objects.get(username= username) if user.id == id : return user except : return None def get_user(self ,user_id ): try : user = User.objects.get(pk=user_id) except : return None the login view profile_name = profile_data['name'] profile_id = profile_data['id'] try : user = User.objects.get(username=profile_name+profile_id[:3]) except : user = User.objects.create_user(username=profile_name+profile_id[:3], id = int(profile_id)) user = authenticate(username=user.username , id = int(profile_id) ) login(request,user) return render(request,'index.html') It Login successfully but logout whenever I get out of the current page . Thanks in advance -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/693224b8-ac95-4d3b-9bcd-800544a34087%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: Custom authentication backend
Found an answer here: http://stackoverflow.com/questions/10874675/why-does-django-need-a-database-for-custom-authentication-backends On Thursday, July 18, 2013 1:12:04 PM UTC+2, Rok Jaklič wrote: > > Hi, > > if I write custom authentication backend, do I need to create user in > local database so that method get_user can find it? > > Can I avoid creating user in local database? > > Rok > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at http://groups.google.com/group/django-users. For more options, visit https://groups.google.com/groups/opt_out.
Custom authentication backend
Hi, if I write custom authentication backend, do I need to create user in local database so that method get_user can find it? Can I avoid creating user in local database? Rok -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at http://groups.google.com/group/django-users. For more options, visit https://groups.google.com/groups/opt_out.
Re: Custom Authentication Backend
Well, I started to write a new login for auth, and you are right, it is WAY more trouble than it's worth. I don't think I need anything as big as django-ldap-groups (which is nice), but I am just going to save the users into django's auth user table and just separate out the ldap users in admin I guess. Thank you all for your help. -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Custom Authentication Backend
Or you could hack/port the library Peter spoke of earlier and add the functionality you are looking for :] but how would you admin it, and i bet alot would break at first sight. On Dec 3, 2009, at 4:33 PM, Peter Herndon wrote: > > On Dec 3, 2009, at 3:29 PM, bfrederi wrote: > >> I'm not looking to avoid effort. I just don't want a bunch of extra >> users cluttering up my system if I don't need to. I have no desire >> for >> them to exist in my system for any reason. I want to keep the number >> of django users limited in my system so it is easier to manage them >> in >> admin. >> >> Thanks for the import advice though. Unfortunately, it's not what I'm >> seeking. >> > > In which case, you'll need to rewrite an awful lot of contrib.auth > to work with LDAP directly. The existing contrib.auth is designed > to work with User models stored in a relational database, > manipulated via the standard Django ORM. There are any number of > working snippets for importing user data from LDAP or other sources > on successful authentication, but they all work by creating a User > and storing the model in the db. They just get their user info from > AD, or wherever. The one you chose is very workable. > > While it sounds like a grand thing to avoid the redundancy of > storing your users both in the db and in your original source, the > amount of work involved makes it a non-starter for all but the most > obsessed. And it really doesn't buy you much, practically > speaking. I'd suggest to you that a better approach would be to > work on customizing the admin to separate out your LDAP users from > your local-to-Django users, I seem to recall seeing some snippets to > that purpose. Basically, just rope off your LDAP users and ignore > them. > > Though if you *do* wind up rewriting contrib.auth to work directly > from LDAP, please do post, I'd love to see it. > > ---Peter > > P.S.: Thanks for the plug, Mike! :) > > -- > > You received this message because you are subscribed to the Google > Groups "Django users" group. > To post to this group, send email to django-us...@googlegroups.com. > To unsubscribe from this group, send email to > django-users+unsubscr...@googlegroups.com > . > For more options, visit this group at > http://groups.google.com/group/django-users?hl=en > . > > -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Custom Authentication Backend
On Dec 3, 2009, at 3:29 PM, bfrederi wrote: > I'm not looking to avoid effort. I just don't want a bunch of extra > users cluttering up my system if I don't need to. I have no desire for > them to exist in my system for any reason. I want to keep the number > of django users limited in my system so it is easier to manage them in > admin. > > Thanks for the import advice though. Unfortunately, it's not what I'm > seeking. > In which case, you'll need to rewrite an awful lot of contrib.auth to work with LDAP directly. The existing contrib.auth is designed to work with User models stored in a relational database, manipulated via the standard Django ORM. There are any number of working snippets for importing user data from LDAP or other sources on successful authentication, but they all work by creating a User and storing the model in the db. They just get their user info from AD, or wherever. The one you chose is very workable. While it sounds like a grand thing to avoid the redundancy of storing your users both in the db and in your original source, the amount of work involved makes it a non-starter for all but the most obsessed. And it really doesn't buy you much, practically speaking. I'd suggest to you that a better approach would be to work on customizing the admin to separate out your LDAP users from your local-to-Django users, I seem to recall seeing some snippets to that purpose. Basically, just rope off your LDAP users and ignore them. Though if you *do* wind up rewriting contrib.auth to work directly from LDAP, please do post, I'd love to see it. ---Peter P.S.: Thanks for the plug, Mike! :) -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Custom Authentication Backend
I'm not looking to avoid effort. I just don't want a bunch of extra users cluttering up my system if I don't need to. I have no desire for them to exist in my system for any reason. I want to keep the number of django users limited in my system so it is easier to manage them in admin. Thanks for the import advice though. Unfortunately, it's not what I'm seeking. -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Custom Authentication Backend
bfrederi wrote: > I am writing my own custom authentication for AD/ldap and I am trying > to authenticate the user without saving the user in the Django User > table. I also don't want the user to have to log in every time they > want to view something. Is there any way to not save the user in the > Django User table and keep them authenticated? I don't require them to > access admin or anything, I just need them to be authenticated. > > So far I have this as my backend (the ldap backend it falls back on > after the default backend): > http://dpaste.com/hold/128199/ > > But when I use that code, it is still saving the User model instance. > I know, because the next time I log in I get a "Duplicate entry". I > don't want to have to make a user for every person that logs into my > django site via their ldap credentials if I can avoid it. It isn't clear to me that you want to avoid the effort of putting a user in or whether you really want to avoid having them in the Django database. If you just want to avoid the effort and don't mind them being in there I can recommend Peter Herndon's django_ldap_groups ... http://code.google.com/p/django-ldap-groups/ ... which I have recently installed and it works very well. This kit automatically inserts the user from the AD or eDirectory into the Django database complete with whatever info you want to extract and also putting them into Django groups you have related to AD or eD groups. This lets users login with ldap auth and if the ldap server is down they can log into the Django app using Django auth. Regards Mike I would > greatly appreciate it if someone could point me in the right > direction, or tell me what I'm doing wrong. > > -- > > You received this message because you are subscribed to the Google Groups > "Django users" group. > To post to this group, send email to django-us...@googlegroups.com. > To unsubscribe from this group, send email to > django-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/django-users?hl=en. > > > > -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Custom Authentication Backend
I am writing my own custom authentication for AD/ldap and I am trying to authenticate the user without saving the user in the Django User table. I also don't want the user to have to log in every time they want to view something. Is there any way to not save the user in the Django User table and keep them authenticated? I don't require them to access admin or anything, I just need them to be authenticated. So far I have this as my backend (the ldap backend it falls back on after the default backend): http://dpaste.com/hold/128199/ But when I use that code, it is still saving the User model instance. I know, because the next time I log in I get a "Duplicate entry". I don't want to have to make a user for every person that logs into my django site via their ldap credentials if I can avoid it. I would greatly appreciate it if someone could point me in the right direction, or tell me what I'm doing wrong. -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: custom authentication backend not being used...
On 08/19/2009 02:04 PM, Jay wrote: > Sorry, nevermind. I finally figured this out right after I posted > this. > > What was the solution? Both for posterity, and because I'm personally curious. Thanks, ---Peter --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: custom authentication backend not being used...
Sorry, nevermind. I finally figured this out right after I posted
this.
On Aug 19, 12:48 pm, Jay <krustymon...@gmail.com> wrote:
> First off, I'm using Django 1.1.
>
> I've been having problems getting my custom authentication backend to
> work, specifically in the "admin" site.
>
> I've been using this page as guide to put together an auth backend
> that uses my subclass of the User model to authenticate.
>
> http://scottbarnham.com/blog/2008/08/21/extending-the-django-user-mod...
>
> I will post all code below, but for the moment here is the problem.
> I'm trying to log into the django admin site and I'm getting an
> exception on "check_password()" that shows me that the admin login
> system is using the User.check_password() rather than my subclass'
> check_password(). I'm working with an existing database here and I
> don't want to change my password hashing scheme if I don't have to.
> The thing that's driving me crazy is that the admin site doesn't seem
> to be using my User subclass.
>
> Is there something I'm forgetting/missing here?
>
> Thanks for any help anyone has to offer.
>
> Here is all relevant code (if there is something I'm forgetting, do
> let me know):
>
> settings.py
> --
>
> ...
> ...
> AUTHENTICATION_BACKENDS = (
> 'mf_pyweb.auth_backends.EmUserModelBackend' ,
> )
> CUSTOM_USER_MODEL = 'mfmain.EmUser'
>
> INSTALLED_APPS = (
> 'django.contrib.auth',
> 'django.contrib.contenttypes',
> 'django.contrib.sessions',
> 'django.contrib.sites',
> 'django.contrib.admin',
> 'mf_pyweb.mfmain',
> 'mf_pyweb.mfadmin',
> )
>
> --
>
> auth_backends.py
> --
>
> from django.conf import settings
> from django.contrib.auth.backends import ModelBackend
> from django.core.exceptions import ImproperlyConfigured
> from django.db.models import get_model
>
> class EmUserModelBackend(ModelBackend):
> def authenticate(self , username=None , password=None ,
> email=None):
> try:
> user = None
> if email or '@' in username:
> user = self.user_class.objects.get(email=email)
> elif username:
> user = self.user_class.objects.get(username=username)
> else:
> return None
> if user.check_password(password):
> return user
> except:
> return None
>
> def get_user(self , user_id):
> try:
> return self.user_class.objects.get(pk=user_id)
> except:
> return None
>
> def get_user(self , user_id):
> try:
> return self.user_class.objects.get(pk=user_id)
> except:
> return None
>
> @property
> def user_class(self):
> if not hasattr(self , '_user_class'):
> self._user_class = get_model(
> *settings.CUSTOM_USER_MODEL.split('.' , 2))
> if not self._user_class:
> raise ImproperlyConfigured('Could not get custom user
> model')
> return self._user_class
>
> --
>
> mfmain/models.py:
> --
>
> ...
> ...
> class EmUser(User):
> domain = models.ForeignKey(Domain , db_index=True ,
> db_column='dom_id')
> report_freq = models.PositiveIntegerField()
> report_time = models.DateTimeField()
> userdir = models.CharField(max_length=1024)
>
> objects = UserManager()
>
> def set_password(self , raw_pass):
> self.password = getPHash(raw_pass)
>
> def check_password(self , raw_pass):
> salt , hash = self.password.split('$')
> return (getPHash(raw_pass , salt , False) == hash)
>
> def __str__(self):
> return self.email
>
> class Meta:
> db_table = 'users'
> ordering = ['email' , 'username' , 'date_joined']
> verbose_name_plural = 'users'
> ...
> ...
> --
>
> --
> Jay Deiman
>
> \033:wq!
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---
custom authentication backend not being used...
First off, I'm using Django 1.1.
I've been having problems getting my custom authentication backend to
work, specifically in the "admin" site.
I've been using this page as guide to put together an auth backend
that uses my subclass of the User model to authenticate.
http://scottbarnham.com/blog/2008/08/21/extending-the-django-user-model-with-inheritance/
I will post all code below, but for the moment here is the problem.
I'm trying to log into the django admin site and I'm getting an
exception on "check_password()" that shows me that the admin login
system is using the User.check_password() rather than my subclass'
check_password(). I'm working with an existing database here and I
don't want to change my password hashing scheme if I don't have to.
The thing that's driving me crazy is that the admin site doesn't seem
to be using my User subclass.
Is there something I'm forgetting/missing here?
Thanks for any help anyone has to offer.
Here is all relevant code (if there is something I'm forgetting, do
let me know):
settings.py
--
...
...
AUTHENTICATION_BACKENDS = (
'mf_pyweb.auth_backends.EmUserModelBackend' ,
)
CUSTOM_USER_MODEL = 'mfmain.EmUser'
INSTALLED_APPS = (
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.sites',
'django.contrib.admin',
'mf_pyweb.mfmain',
'mf_pyweb.mfadmin',
)
--
auth_backends.py
--
from django.conf import settings
from django.contrib.auth.backends import ModelBackend
from django.core.exceptions import ImproperlyConfigured
from django.db.models import get_model
class EmUserModelBackend(ModelBackend):
def authenticate(self , username=None , password=None ,
email=None):
try:
user = None
if email or '@' in username:
user = self.user_class.objects.get(email=email)
elif username:
user = self.user_class.objects.get(username=username)
else:
return None
if user.check_password(password):
return user
except:
return None
def get_user(self , user_id):
try:
return self.user_class.objects.get(pk=user_id)
except:
return None
def get_user(self , user_id):
try:
return self.user_class.objects.get(pk=user_id)
except:
return None
@property
def user_class(self):
if not hasattr(self , '_user_class'):
self._user_class = get_model(
*settings.CUSTOM_USER_MODEL.split('.' , 2))
if not self._user_class:
raise ImproperlyConfigured('Could not get custom user
model')
return self._user_class
--
mfmain/models.py:
--
...
...
class EmUser(User):
domain = models.ForeignKey(Domain , db_index=True ,
db_column='dom_id')
report_freq = models.PositiveIntegerField()
report_time = models.DateTimeField()
userdir = models.CharField(max_length=1024)
objects = UserManager()
def set_password(self , raw_pass):
self.password = getPHash(raw_pass)
def check_password(self , raw_pass):
salt , hash = self.password.split('$')
return (getPHash(raw_pass , salt , False) == hash)
def __str__(self):
return self.email
class Meta:
db_table = 'users'
ordering = ['email' , 'username' , 'date_joined']
verbose_name_plural = 'users'
...
...
--
--
Jay Deiman
\033:wq!
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---
Re: Custom authentication backend and User passwords
Thanks Malcolm. For anyone interested in this topic, I have created a snippet with my solution: http://www.djangosnippets.org/snippets/1301/ --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: Custom authentication backend and User passwords
On Wed, 2009-01-28 at 11:34 -0800, Delta20 wrote: > Is there a way to make it so that when you create a User in admin, the > password is set such that the user cannot login using ModelBackend? Have a look at this: http://docs.djangoproject.com/en/dev/topics/auth/#django.contrib.auth.models.User.set_unusable_password Regards, Malcolm --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Custom authentication backend and User passwords
Is there a way to make it so that when you create a User in admin, the
password is set such that the user cannot login using ModelBackend?
I'm using two authentication backends, a custom backend and
Modelbackend: i.e.:
AUTHENTICATION_BACKENDS = ('myapp.auth.ActiveDirectoryBackend',
'django.contrib.auth.backends.ModelBackend',)
The custom backend only does authentication - no attempt to made to
create Users that don't exist in auth_user yet. This is intentional,
since I only want the users to be explicitly created in the admin.
However I don't want there to be a valid password in auth_user. I may
remove ModelBackend as an authentication backend, but even in that
case, I still don't want valid passwords in the DB.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---
Re: Users from custom authentication backend cannot login
What I meant was that the user cannot login to the administration pages provided by django.contrib.admin, which does login the user as far as I can tell --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users -~--~~~~--~~--~--~---
Users from custom authentication backend cannot login
Hi, I created my own authentication backend which gets users from another table (webforum). I used http://www.djangoproject.com/documentation/authentication/#writing-an-authentication-backend as a starting point and the final backend looks like this: http://rafb.net/paste/results/gaXtif32.html Now when I import authenticate from django.contrib.auth and type authenticate(username='AUserWhoSitsInTheWebforumDB',password='HisCorrectPassword'), I get an User object. I set is_staff=True, too. Yet, when that user tries to login to the administration-area, he just gets redirected to the login form. No error message. When I overwrite his password with a "native" Django one, it works. What did I miss? authenticate(...) works. I added my backend to settings.py, too. Greetings, Florian --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users -~--~~~~--~~--~--~---
Re: Users from custom authentication backend cannot login
On 10/23/06, Florian Heinle <[EMAIL PROTECTED]> wrote: > > I created my own authentication backend which gets users from another > table (webforum). I used > http://www.djangoproject.com/documentation/authentication/#writing-an-authentication-backend > as a starting point and the final backend looks like this: > http://rafb.net/paste/results/gaXtif32.html > > Now when I import authenticate from django.contrib.auth and type > authenticate(username='AUserWhoSitsInTheWebforumDB',password='HisCorrectPassword'), > I get an User object. I set is_staff=True, too. Yet, when that user > tries to login to the administration-area, he just gets redirected to > the login form. No error message. When I overwrite his password with a > "native" Django one, it works. > > What did I miss? authenticate(...) works. I added my backend to > settings.py, too. Sounds like you haven't called login(request, user). Authenticate only checks to make sure a user's credentials are valid. Joseph --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users -~--~~~~--~~--~--~---
Re: Users from custom authentication backend cannot login
sorry, paste expired. try http://www.planet-tiax.de/backend.txt --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users -~--~~~~--~~--~--~---
Users from custom authentication backend cannot login
Hi, I created my own authentication backend which gets users from another table (webforum). I used http://www.djangoproject.com/documentation/authentication/#writing-an-authentication-backend as a starting point and the final backend looks like this: http://rafb.net/paste/results/gaXtif32.html Now when I import authenticate from django.contrib.auth and type authenticate(username='AUserWhoSitsInTheWebforumDB',password='HisCorrectPassword'), I get an User object. I set is_staff=True, too. Yet, when that user tries to login to the administration-area, he just gets redirected to the login form. No error message. When I overwrite his password with a "native" Django one, it works. What did I miss? authenticate(...) works. I added my backend to settings.py, too. Greetings, Florian --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users -~--~~~~--~~--~--~---
