I am new in Django, python , and AWS. I register a user, and I can see the user in my Django admin deployed to AWS. After I write a new feature and 'eb deploy' to AWS. I can see the new feature, but the user I registered before disappear. Can any one help?
#zijila The database is not going to carry over. It is probably a SQLite database for testing purposes. You probably wiped that DB out when you deployed using AWS EB. You should set up a MySQL database in AWS using Aws RDS. add the connection string to that DB and create a new user. That way the user is persisted when you redeploy.
Tip: Try not to write in the answer field when you respond on StackOverflow. Use the comment.
Related
So I’m building a flask app using AAD B2C based off the QuickStart code from Microsoft. All that is fine and is working with no issues but how do I secure individual user data in a backend database (Mongo DB API on Cosmos DB)? I’ve read a lot about RBAC but to create a new role Every time a new user registers isn’t really scalable. Because if you secure data via the mongo db secret key users can still modify data. I’ve thought about maybe adding a “user_id” of some kind to the documents in mongodb and pass along the user_id but in my head it seems that can be easily spoofed. So how do I ensure Users can only modify their own data? Is there a new DB user created for each user of the app that gets mapped to each other? Really I just want to secure user data in the DB with AAD or some kind of Kerberos method. Thank you!
I am reading the Tom Aratyn Book - Building Django 2.0 web application. I am on a basic level.
Before migrating my app to the database, he asks to create a database for our Django project. I didn't understand very well how to create this database, he didn't detailed the process. Follow what he says:
" Now that we have a model, we will need to create a table in our database that matches it. We will use Django to generate a migration for us and then run the migration to create a table for our movie model.
While Django can create and run migrations for our Django apps, it will not create the database and database user for our Django project. To create the database and user, we have to connect to the server using an administrator's account. Once we've connected we can create the database and user by executing the following SQL:"
CREATE DATABASE mymdb;
CREATE USER mymdb;
GRANT ALL ON DATABASE mymdb to "mymdb";
ALTER USER mymdb PASSWORD 'development';
ALTER USER mymdb CREATEDB;
I don't know where to type this line of code. Shell? I know his book uses the PostgreSQL database.
Thank you,
To execute commands on the database, you need some kind of client. If you have access to the database server bash, you can use the command line client psql.
For clients with a GUI, pgadmin is the most common. On the interface, you are able to open a window, in which you can insert the SQL commands.
So I'm starting a new Django project that essentially requires the login & registration process be routed through an EXTERNAL & ALREADY created database.
Is it possible to have the User model use an EXTERNAL database table ONLY when Django is:
Logging in a user, to check if the login is valid
Registering a user, inserting data for that user in the external database
I would like for the rest of the Django server to use a local database.
If so, could someone either provide examples or guide me to documentation on the subject?
Easiest way to use multiple database with Django is to use a database routing. By default Django stick to single database, however, if you want to implement more interesting database routing system, you can define and install your own database routers.
Database routers are installed using the DATABASE_ROUTERS setting. You have to specify this setting in your settings.py file
What you have to do is write one AuthRouter as described Django documentation Django Multiple Database
"Yes, but"
What you are looking for in the docs is called "database router".
There is even an example for the auth app in the docs there.
But, there is s serious drawback to consider with this approach:
We cannot have cross-database relationships in the models. If auth tables are in a separate database, this means that any otehr app that needs a foreign key to User model is going to run into problems. You might be able to "fake" the relationships using a db that doesn't enforce relationship checks (SQLite or MyISAM/MySQL).
Out of the box, such apps are: session, authtoken, and admin (and probably more).
Alternatively, a single-sign-on solution might do a better job: django-sso, or django-mama-cas + django-cas-ng, or the commercial Stormpath.
I have a Django app that has several database backends - all connected to different instances of Postgresql database. One of them is not guaranteed to be always online. It even can be offline when application starts up.
Can I somehow configure Django to use lazy connections? I would like to:
Try querying
return "sorry, try again later" if database is offline
or return the results if database is online
Is this possible?
The original confusion is that Django tries to connect to its databases on startup. This is actually not true. Django does not connect to database, until some app tries to access the database.
Since my web application uses auth and site apps, it looks like it tries to connect on startup. But its not tied to startup, its tied to the fact that those app access the database "early".
If one defines second database backend (non-default), then Django will not try connecting to it unless application tries to query it.
So the solution was very trivial - originally I had one database that hosted both auth/site data and also "real" data that I've exposed to users. I wanted to make "real" database connection to be volatile. So I've defined separate psql backend for it and switched default backend to sqlite.
Now when trying to access "real" database through Query, I can easily wrap it with try/except and handle "Sorry, try again later" over to the user.
The company I work for is starting development of a Django business application that will use MySQL as the database engine. I'm looking for a way to keep from having database credentials stored in a plain-text config file.
I'm coming from a Windows/IIS background where a vhost can impersonate an existing Windows/AD user, and then use those credentials to authenticate with MS SQL Server.
As an example: If the Django application is running with apache2+mod_python on an Ubuntu server, would it be sane to add a "www-data" user to MySQL and then let MySQL verify the credentials using its PAM module?
Hopefully some of that makes sense. Thanks in advance!
MySQL controls access to tables from its own list of users, so it's better to create MySQL users with permissions. You might want to create roles instead of users so you don't have as many to manage: an Admin, a read/write role, a read-only role, etc.
A Django application always runs as the web server user. You could change that to "impersonate" an Ubuntu user, but what if that user is deleted? Leave it as "www-data" and manage the database role that way.