I have two types of users.
- Customer.
- Vendor.
For Customers, I've already created custom user class where login happens through email and password. But, Vendors do not have email id and password. All vendor accounts are manually created by the django admin. Vendor class looks like this.
class Vendor():
phone = models.CharField(max_length=12, unique=True, required=True)
name = models.CharField()
.
.
What's the best way to implement OTP login for Vendors? Vendors usually login through an android/iOS app which communicates with the server using REST apis. Currently, I've created one more model to store 6 digit OTP password. Vendor enters his mobile no, he gets the OTP through SMS. Once he enters it I'm matching it with stored OTP key from the OTP table and sending success status. But ideally, I've to create an user session and send it along with success status.
Is there any plugin in Django to do this?
Related
I'm building a website using Django. I have the register and login sessions working, so any user can create an account and login. But now I want a situation whereby when someone creates an account, the account will be inactive and pending until the admin accepts the user. However, I haven't implemented any code that does that before and I want to know if Django has a built-in package for that. If not, how do I go about it?
If you are using a default User model of Django at time of create user, save it like these:
user = User.objects.create_user(
first_name = first_name,
last_name = last_name,
email = email,
password = password,
username = username,
is_active = False
)
user.save()
and by using filter query list all inactive users to admin.
I am attempting to write an admin action that accesses data from selected users. i.e. user's email. However, I have only been able to access the instance/data of the user that is currently logged in.
For example, to access the emails of selected users, I have tried:
#models.py
class Account(AbstractBaseUser):
email = models.EmailField(max_length=60, unique=True)
#admin.py
from account.models import Account
for Account in queryset:
author = request.Account.email
#OR
author = Account.objects.get(email=request.email)
print(author)
and both of these will fill "author" with the email address of the admin that is trying to pull the data.
Does anyone know how I could pull data from selected accounts with an admin action?
I was really overcomplicating it. Ironically enough, I found the answer on this site called simpleisbetterthatcomplex. The proper format was
for Account in queryset:
print(Account.email)
In my django admin, superuser is able to change the email address for any user.
I want superuser to prevent changing email for the user if that email address is from particular domain.
for ex: if user's email address is abc#restricteddomain.com then superuser should not be able to change this email to any other email address. I'm not able to fetch the old value using self.cleaned_data('email').
How to achieve this goal for admin site? I tried overrriding clean() method but it didn't work
Let's say my website will have a "reset password" button for when the user forgets his password, it will generate a link with a hash based on url_token field from Password_Reset_Token and email it to the user.
If the user access the url, the view can then reset his password and delete the Password_Reset_Token object.
But what if it expires and the link isn't accessed? Is there a way to add a daily task to clean expired objects?
Or is there a more clever way to do this?
Worth nothing that my application is entirely AJAX based and has no url redirecting
class Password_Reset_Token(models.Model):
url_token = models.AutoField(primary_key = True)
created_date = models.DateTimeField(auto_now_add=True)
user = models.OneToOneField(User, on_delete=models.CASCADE)
expiringdays = models.IntegerField(default = 12)
I would recommend creating a custom command that purges expired records. Run that periodically or via an automated process such as cron.
[Django 1.5.1]
I've set up django-profiles and django-registration for my small site in a way that involves a 'custom' registration backend such that during registration, a new user fills out their username, password, and profile fields in one go. But I'm now trying to allow users to log in with Facebook and trying to use django-facebook. As far as I understand, logging in through django-facebook's Facebook login will authenticate someone, but that won't create a user object nor a profile object.
So the idea I had in mind would be to add an extra profile field which holds a user's potential Facebook ID(which I believe is unique) if they want to use Facebook. Then force a check on every template if the user has a profile or not, and if not, to direct them to the 'create profile' page. Then whenever a user logs in through the Facebook login, it'll somehow link their session with the corresponding profile object which matches the Facebook ID (and consequently the user object corresponding to the profile object). I think I'd have to apply a filter and then create a 'signal', but I'm not too sure how to do that.
This sounds very convoluted though. How might I be able to get this accomplished the right way?
Here's how I suggest you do things. Do away with django-facebook and look into django-allauth. It will handle accounts (registration, logic, connecting social accounts).
Also, django-profiles has many issues with 1.5+ for me and I don't bother with it and instead create my own profiles app and UserProfile model with any additional fields that wouldn't be handled by django-allauth.
An example from one of my implementations
class UserProfile(models.Model):
user = models.OneToOneField(User)
default_address = models.OneToOneField(Address, blank=True, null=True)
default_tshirt_size = models.CharField(blank=True, null=True, choices=constants.tshirt_sizes, max_length=50)
default_shoe_size = models.CharField(blank=True, null=True, choices=constants.shoe_sizes, max_length=50)
Your user profile model should be pointing to the same User model allauth is using.
from allauth.utils import get_user_model
User = get_user_model()
Here's a neat method I use to create the User's profile automatically if it hasn't been already.
User.profile = property(lambda u: UserProfile.objects.get_or_create(user=u)[0])
Then just create a sign-up form class with a save() method that takes user as an argument. Link to this class in your settings file.
ACCOUNT_SIGNUP_FORM_CLASS = 'yourproject.yourapp.forms.SignupForm'
See this post on for a somewhat relevant example, except of course with your implementation you'll probably want to get the UserProfile based on the user.id at that point, and save the additional values to the profile instance.
How to customize user profile when using django-allauth