I have to change the Django's authentication backend (the default is django.contrib.auth.AuthenticationBackend) to one of my own. The problem is that since Django stores the authentication backend for a requested user in the session, it throws errors to me when I try to use the new backend. The option is to delete all the session information. Is there a better way to do this? Or else, what is the most preferred way?
Look at the Pinax project's account auth_backends , there it replaces with own one. I think Pinax code helps you while changing Django's authentication backend.
Related
I am evaluating if Firebase authentication to see if it works well with Django/Djangae. Here comes some context
require email/password authentication, able to additional field like job title, and basic things like reset password email.
use Djanage framework (Django that uses datastore as data storage), app engine.
really good to make use built-in authentication tool provided by Django, like session, require-loggin, etc.
Drop-in authentication seems to be a candidate. Does it work with Django authentication, like permission, group, etc.
Thanks for advance.
Firebase authentication only supports login/signup, reset password or email.
but for that you need firebase admin credentials.
For other field you need local model. There is no problem with using django, but also no existing integration I'm aware of, so you'd have to hook it up yourself.
if you want auth-system like firebase and other functionality than you can use social-django-restframework. you can integrate all login system with your django app and control user with inbuilt user model.
I implemented Redis Caching in my Django.. However, is there a Friendly User Interface to just check the cache values. Something like you can see all the cache keys and its values in Django Admin
You can check the status of your Redis Cache with the help of this github library,
https://github.com/erussell/django-redis-status
It is only accessible in the django-admin page.
By the way, you can always check your redis database using redis-cli.
I don't know whether I am getting your question in the correct way or not.
But this may help.
I'm creating a Django website that supports both local login backend and LDAP login (through django-auth-ldap), and maybe more in the future.
I'm getting into Django login and backends sutff and have a couple of questions - mainly is there any reason Django doesn't keep user creation backend in the database? Shouldn't user A be linked (and by linked I mean a field on User model) with the backend django.contrib.auth.backends.ModelBackend for safety/convince reason?
I'm getting around to creating a custom user model, and was thinking about adding such field. The ability to unambiguously know which backend was/is used to create/login the user sounds logically for me, but the fact that Django doesn't have that by default, and that I can't find anything similar on the Internet has me worried that I didn't think of a really good reason for why it's done the way it is.
Thanks in advance,
Paweł
Django doesn't need that info. Once the user is authenticated, and django has a User model, it doesn't care what backend authenticated it. The User model data is stored in one source. The User model (whether the default or custom) is consistent and has the same attributes, functionality and behaviour across the entire django project and schema. Nothing in the out-of-the-box django deals with different user models.
You may extend this with AbstractBaseUser, but managing really different users across the same project, especially with the core django modules, is a strech.
Django uses the User model a lot, and you will have to manually locate each place it does, and provide your own router to the correct backend. There is no API for this (like, say, db routers), it's going to be a mess of hacks that will probably even messier with each upgrade.
Django does support, in addition to the custom user model, "authentication backends". Some of the functionality your are looking for is available and exposed with this option, in a formal API. So you probably want to stick with that.
see:https://docs.djangoproject.com/en/1.9/topics/auth/customizing/#authentication-backends
I have got an Django application that uses the RemoteUserBackend in combination with Apache and mod_auth_kerb to authenticate against Kerberos.
However, this has some drawbacks:
There is no proper logout without closing the browser tab. You may click "Logout" in your Django application, but I would expect to be asked for my credentials when I try to log in again - the latter is not the case. (Side note: It is quite possible for my application that two users want to log in one after another, which increases the lack of comfort and may be problematic when one users performs actions with the other user's rights.)
The application is currently tailored to the Apache/RemoteUser solution, so it does provide no flexibility to switch over to other authentication methods, e.g. authentication against the Django database. The possibility to use alternative authentication methods would also ease the development of the application.
That said, I would like to use a form-based authentication (username/password). This would move the control for the authentication to Django, so login/logout should work properly then. Also, this form could be used as well with different authentication backends, without a need to modify the GUI.
How can this be done? Is there already a solution to this or a project that adresses my issue? Most implementations I saw like the ones in the answers here just use Apache or an LDAP authentication, but not Kerberos.
Related, but unanswered question: Django user logout with remote authentication
Sorry this is delayed. I am the author of the above recommended Kerberos + Django post (roguelynn.com).
For your first issue, take a look at kobo: https://fedorahosted.org/kobo/ - it uses Kerberos + RemoteUserBackend + Apache with Django, but implements a logout mechanism (in kobo/django/xmlrpc/auth.py: https://git.fedorahosted.org/cgit/kobo.git/tree/kobo/django/xmlrpc/auth.py).
http://www.roguelynn.com/words/django-custom-user-models/
That blog post explains quite nicely how to use Kerberos as a Django 1.5 backend authenticator. Hot off the presses as of May 15th. She's got a bunch of nice kerberos examples.
For posterity's sake just in case the blog goes away someday, the author stores her blog posts as static files in her github repo.
https://github.com/econchick/roguelynn/blob/master/_posts/
I've searched an answer for this but have found nothing - maybe because it's so obvious. But I want to make sure.
What is the correct way to authenticate users using an LDAP server in a Flask web app?
This link describes 4 authentication methods, so along the same lines, do I just need to write an LDAP auth decorator?
(The reason I'm asking is to see whether I can make a Flask clone of my Django app)
Thanks for any help and suggestions.
Yes, you have to write your own decorator which checks the authentication.
In this decorator you should call the wrapped function if a user is authenticated. If not you should return a default page reminding the user to login.
I don't think you need a decorator, but it's a sensible thing to do, as it makes it easy to "tag" those routes that you want to require authentication.
Otherwise you'll be adding a lot more code whenever you want to implement some sort of authentication for a route.