Changeset 2924
- Timestamp:
- 05/16/06 16:04:50 (2 years ago)
- Files:
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
django/branches/multi-auth/django/contrib/auth/backends.py
r2883 r2924 1 from django.conf import settings2 1 from django.contrib.auth.models import User, check_password 3 4 class SettingsBackend:5 """6 Authenticate against vars in settings.py Use the login name, and a hash7 of the password.8 9 ADMIN_LOGIN = 'admin'10 ADMIN_PASSWORD = 'sha1$4e987$afbcf42e21bd417fb71db8c66b321e9fc33051de'11 """12 def authenticate(self, username=None, password=None):13 login_valid = (settings.ADMIN_LOGIN == username)14 pwd_valid = check_password(password, settings.ADMIN_PASSWORD)15 if login_valid and pwd_valid:16 # TODO: This should be abstracted out someplace else.17 try:18 user = User.objects.get(username=username)19 except User.DoesNotExist:20 user = User(username=username, password='')21 user.is_staff = True22 user.is_superuser = True23 user.save()24 return user25 return None26 27 def get_user(self, user_id):28 try:29 return User.objects.get(pk=user_id)30 except User.DoesNotExist:31 return None32 2 33 3 class ModelBackend: django/branches/multi-auth/docs/authentication.txt
r2921 r2924 662 662 at the beginning of this document. For now, the best way to deal with this is 663 663 to create a Django User object for each user that exists for your backend 664 (i.e. in your ldap directory, your external sqldatabase, etc.) You can either664 (i.e. in your LDAP directory, your external SQL database, etc.) You can either 665 665 write a script to do this in advance, or your ``authenticate`` method can do 666 it the first time a user logs in. 667 `django.contrib.auth.backends.SettingsBackend`_ is an example of the latter 668 approach. Note that you don't have to save a user's password in the Django 669 User object. Your backend can still check the password against an external 670 source, and return a Django User object. 666 it the first time a user logs in. Here's an example backend that 667 authenticates against a username and password variable defined in your 668 ``settings.py`` file and creates a Django user object the first time they 669 authenticate:: 670 671 from django.conf import settings 672 from django.contrib.auth.models import User, check_password 673 674 class SettingsBackend: 675 """ 676 Authenticate against vars in settings.py Use the login name, and a hash 677 of the password. For example: 678 679 ADMIN_LOGIN = 'admin' 680 ADMIN_PASSWORD = 'sha1$4e987$afbcf42e21bd417fb71db8c66b321e9fc33051de' 681 """ 682 def authenticate(self, username=None, password=None): 683 login_valid = (settings.ADMIN_LOGIN == username) 684 pwd_valid = check_password(password, settings.ADMIN_PASSWORD) 685 if login_valid and pwd_valid: 686 try: 687 user = User.objects.get(username=username) 688 except User.DoesNotExist: 689 # Create a new user. Note that we can set password to anything 690 # as it won't be checked, the password from settings.py will. 691 user = User(username=username, password='get from settings.py') 692 user.is_staff = True 693 user.is_superuser = True 694 user.save() 695 return user 696 return None 697 698 def get_user(self, user_id): 699 try: 700 return User.objects.get(pk=user_id) 701 except User.DoesNotExist: 702 return None 671 703 672 704 .. _django.contrib.auth.backends.SettingsBackend: http://code.djangoproject.com/browser/django/branches/magic-removal/django/contrib/auth/backends.py
