- Timestamp:
- 06/17/07 17:18:54 (2 years ago)
- Files:
django/branches/per-object-permissions/docs/authentication.txt
r4096 r5488 87 87 myuser.groups.remove(group, group,...) 88 88 myuser.groups.clear() 89 myuser. permissions = [permission_list]90 myuser. permissions.add(permission, permission, ...)91 myuser. permissions.remove(permission, permission, ...]92 myuser. permissions.clear()89 myuser.user_permissions = [permission_list] 90 myuser.user_permissions.add(permission, permission, ...) 91 myuser.user_permissions.remove(permission, permission, ...] 92 myuser.user_permissions.clear() 93 93 94 94 In addition to those automatic API methods, ``User`` objects have the following … … 145 145 doesn't allow profiles. 146 146 147 .. _Django model: http://www.djangoproject.com/documentation/model_api/148 .. _DEFAULT_FROM_EMAIL: http://www.djangoproject.com/documentation/settings/#default-from-email147 .. _Django model: ../model-api/ 148 .. _DEFAULT_FROM_EMAIL: ../settings/#default-from-email 149 149 150 150 Manager functions … … 205 205 That's hashtype, salt and hash, separated by the dollar-sign character. 206 206 207 Hashtype is either ``sha1`` (default) or ``md5`` -- the algorithm used to 208 perform a one-way hash of the password. Salt is a random string used to salt 209 the raw password to create the hash. 207 Hashtype is either ``sha1`` (default), ``md5`` or ``crypt`` -- the algorithm 208 used to perform a one-way hash of the password. Salt is a random string used 209 to salt the raw password to create the hash. Note that the ``crypt`` method is 210 only supported on platforms that have the standard Python ``crypt`` module 211 available, and ``crypt`` support is only available in the Django development 212 version. 210 213 211 214 For example:: … … 272 275 # Do something for anonymous users. 273 276 274 .. _request objects: http://www.djangoproject.com/documentation/request_response/#httprequest-objects275 .. _session documentation: http://www.djangoproject.com/documentation/sessions/277 .. _request objects: ../request_response/#httprequest-objects 278 .. 
_session documentation: ../sessions/ 276 279 277 280 How to log a user in … … 318 321 # Return an 'invalid login' error message. 319 322 323 Manually checking a user's password 324 ----------------------------------- 325 326 If you'd like to manually authenticate a user by comparing a 327 plain-text password to the hashed password in the database, use the 328 convenience function `django.contrib.auth.models.check_password`. It 329 takes two arguments: the plain-text password to check, and the full 330 value of a user's ``password`` field in the database to check against, 331 and returns ``True`` if they match, ``False`` otherwise. 332 320 333 How to log a user out 321 334 --------------------- … … 378 391 ``login_required`` does the following: 379 392 380 * If the user isn't logged in, redirect to ``/accounts/login/``, passing 381 the current absolute URL in the query string as ``next``. For example: 393 * If the user isn't logged in, redirect to ``settings.LOGIN_URL`` 394 (``/accounts/login/`` by default), passing the current absolute URL 395 in the query string as ``next``. For example: 382 396 ``/accounts/login/?next=/polls/3/``. 383 397 * If the user is logged in, execute the view normally. The view code is 384 398 free to assume the user is logged in. 385 399 386 Note that you'll need to map the appropriate Django view to `` /accounts/login/``.387 To do this, add the following line to your URLconf::400 Note that you'll need to map the appropriate Django view to ``settings.LOGIN_URL``. 401 For example, using the defaults, add the following line to your URLconf:: 388 402 389 403 (r'^accounts/login/$', 'django.contrib.auth.views.login'), 390 404 391 Here's what ``django.contrib.auth.views.login`` does: :405 Here's what ``django.contrib.auth.views.login`` does: 392 406 393 407 * If called via ``GET``, it displays a login form that POSTs to the same … … 396 410 * If called via ``POST``, it tries to log the user in. 
If login is 397 411 successful, the view redirects to the URL specified in ``next``. If 398 ``next`` isn't provided, it redirects to `` /accounts/profile/`` (which is399 currently hard-coded). If login isn't successful, it redisplays the login400 form.412 ``next`` isn't provided, it redirects to ``settings.LOGIN_REDIRECT_URL`` 413 (which defaults to ``/accounts/profile/``). If login isn't successful, 414 it redisplays the login form. 401 415 402 416 It's your responsibility to provide the login form in a template called … … 442 456 {% endblock %} 443 457 444 .. _forms documentation: http://www.djangoproject.com/documentation/forms/ 445 .. _site framework docs: http://www.djangoproject.com/documentation/sites/ 458 .. _forms documentation: ../forms/ 459 .. _site framework docs: ../sites/ 460 461 Other built-in views 462 -------------------- 463 464 In addition to the `login` view, the authentication system includes a 465 few other useful built-in views: 466 467 ``django.contrib.auth.views.logout`` 468 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 469 470 **Description:** 471 472 Logs a user out. 473 474 **Optional arguments:** 475 476 * ``template_name``: The full name of a template to display after 477 logging the user out. This will default to 478 ``registration/logged_out.html`` if no argument is supplied. 479 480 **Template context:** 481 482 * ``title``: The string "Logged out", localized. 483 484 ``django.contrib.auth.views.logout_then_login`` 485 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 486 487 **Description:** 488 489 Logs a user out, then redirects to the login page. 490 491 **Optional arguments:** 492 493 * ``login_url``: The URL of the login page to redirect to. This 494 will default to ``settings.LOGIN_URL`` if not supplied. 495 496 ``django.contrib.auth.views.password_change`` 497 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 498 499 **Description:** 500 501 Allows a user to change their password. 
502 503 **Optional arguments:** 504 505 * ``template_name``: The full name of a template to use for 506 displaying the password change form. This will default to 507 ``registration/password_change_form.html`` if not supplied. 508 509 **Template context:** 510 511 * ``form``: The password change form. 512 513 ``django.contrib.auth.views.password_change_done`` 514 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 515 516 **Description:** 517 518 The page shown after a user has changed their password. 519 520 **Optional arguments:** 521 522 * ``template_name``: The full name of a template to use. This will 523 default to ``registration/password_change_done.html`` if not 524 supplied. 525 526 ``django.contrib.auth.views.password_reset`` 527 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 528 529 **Description:** 530 531 Allows a user to reset their password, and sends them the new password 532 in an email. 533 534 **Optional arguments:** 535 536 * ``template_name``: The full name of a template to use for 537 displaying the password reset form. This will default to 538 ``registration/password_reset_form.html`` if not supplied. 539 540 * ``email_template_name``: The full name of a template to use for 541 generating the email with the new password. This will default to 542 ``registration/password_reset_email.html`` if not supplied. 543 544 **Template context:** 545 546 * ``form``: The form for resetting the user's password. 547 548 ``django.contrib.auth.views.password_reset_done`` 549 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 550 551 **Description:** 552 553 The page shown after a user has reset their password. 554 555 **Optional arguments:** 556 557 * ``template_name``: The full name of a template to use. This will 558 default to ``registration/password_reset_done.html`` if not 559 supplied. 
560 561 ``django.contrib.auth.views.redirect_to_login`` 562 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 563 564 **Description:** 565 566 Redirects to the login page, and then back to another URL after a 567 successful login. 568 569 **Required arguments:** 570 571 * ``next``: The URL to redirect to after a successful login. 572 573 **Optional arguments:** 574 575 * ``login_url``: The URL of the login page to redirect to. This 576 will default to ``settings.LOGIN_URL`` if not supplied. 577 578 Built-in manipulators 579 --------------------- 580 581 If you don't want to use the built-in views, but want the convenience 582 of not having to write manipulators for this functionality, the 583 authentication system provides several built-in manipulators: 584 585 * ``django.contrib.auth.forms.AdminPasswordChangeForm``: A 586 manipulator used in the admin interface to change a user's 587 password. 588 589 * ``django.contrib.auth.forms.AuthenticationForm``: A manipulator 590 for logging a user in. 591 592 * ``django.contrib.auth.forms.PasswordChangeForm``: A manipulator 593 for allowing a user to change their password. 594 595 * ``django.contrib.auth.forms.PasswordResetForm``: A manipulator 596 for resetting a user's password and emailing the new password to 597 them. 598 599 * ``django.contrib.auth.forms.UserCreationForm``: A manipulator 600 for creating a new user. 446 601 447 602 Limiting access to logged-in users that pass a test … … 486 641 487 642 ``user_passes_test()`` takes an optional ``login_url`` argument, which lets you 488 specify the URL for your login page (`` /accounts/login/`` by default).643 specify the URL for your login page (``settings.LOGIN_URL`` by default). 489 644 490 645 Example in Python 2.3 syntax:: … … 530 685 531 686 As in the ``login_required`` decorator, ``login_url`` defaults to 532 `` '/accounts/login/'``.687 ``settings.LOGIN_URL``. 
533 688 534 689 Limiting access to generic views … … 545 700 return object_detail(*args, **kwargs) 546 701 547 .. _generic view: http://www.djangoproject.com/documentation/generic_views/702 .. _generic view: ../generic_views/ 548 703 549 704 Permissions … … 576 731 ------------------- 577 732 578 Three basic permissions -- add, c reate and delete -- are automatically created733 Three basic permissions -- add, change and delete -- are automatically created 579 734 for each Django model that has a ``class Admin`` set. Behind the scenes, these 580 735 permissions are added to the ``auth_permission`` database table when you run … … 607 762 ``syncdb``. 608 763 609 .. _model Meta attribute: http://www.djangoproject.com/documentation/model_api/#meta-options764 .. _model Meta attribute: ../model-api/#meta-options 610 765 611 766 API reference … … 646 801 For more, see the `RequestContext docs`_. 647 802 648 .. _RequestContext docs: http://www.djangoproject.com/documentation/templates_python/#subclassing-context-requestcontext803 .. _RequestContext docs: ../templates_python/#subclassing-context-requestcontext 649 804 650 805 Users … … 692 847 {% endif %} 693 848 694 .. _template context: http://www.djangoproject.com/documentation/templates_python/849 .. _template context: ../templates_python/ 695 850 696 851 Groups … … 757 912 database. To send messages to anonymous users, use the `session framework`_. 758 913 759 .. _session framework: http://www.djangoproject.com/documentation/sessions/914 .. _session framework: ../sessions/ 760 915 761 916 Other authentication sources … … 814 969 815 970 class MyBackend: 816 def authenticate( username=None, password=None):971 def authenticate(self, username=None, password=None): 817 972 # Check the username/password and return a User. 818 973 … … 820 975 821 976 class MyBackend: 822 def authenticate( token=None):977 def authenticate(self, token=None): 823 978 # Check the token and return a User. 824 979
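Review bot: new line 91 in the first hunk still closes the call with a square bracket: ``myuser.user_permissions.remove(permission, permission, ...]``. The rename carried the typo over from the old line 91; since the line is being rewritten anyway, change the closing ``]`` to ``)`` so it matches the ``add(...)`` line above it.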
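Review bot: the relative link targets introduced at new lines 147-148, and repeated in the later link-only hunks, mix slug styles: ``../model-api/`` uses a hyphen while ``../request_response/``, ``../generic_views/`` and ``../templates_python/`` use underscores. Please check each target against the published path before merging. Relative targets also resolve only in the rendered site, so anyone reading ``authentication.txt`` from a checkout loses the links; a sentence in the docs README about that would help.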
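Review bot: new lines 209-212 say ``crypt`` is supported only where the standard Python ``crypt`` module is available, but not what happens when a stored hash with the ``crypt`` hashtype is checked on a platform that lacks the module. Please state the failure behaviour explicitly (an exception or a failed check), and note that such hashes stop verifying if the database is moved to a platform without the module.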
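Review bot: new line 328 marks up `django.contrib.auth.models.check_password` with single backticks, which reST treats as interpreted text rather than a literal; the rest of the file uses double backticks for code names. A one-line usage example after line 331 would also help, since both arguments are strings and the order (plain-text password first, stored ``password`` field second) is easy to swap.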
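Review bot: new lines 411-414 say the login view redirects to the URL specified in ``next`` but do not say whether that value is validated. Because ``next`` arrives in the query string, the docs should state whether it is restricted to paths on the same site, and if it is not, say so plainly so that deployers know to validate it themselves before relying on this view.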
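Review bot: new lines 531-532 and 595-597 document that ``password_reset`` and ``PasswordResetForm`` email the user a new password, with no note on what that implies for the account. Please add a sentence saying whether the existing password is replaced as soon as the form is submitted, and recommend that sites prompt the user to choose a new password after logging in with the mailed one, since it sits in the mailbox in clear text. Minor: line 464 writes `login` with single backticks where the file otherwise uses double backticks.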
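Review bot: in both ``MyBackend`` examples (new lines 971 and 977) the method body is still only a comment, so the snippet is not valid Python when copied, and the failure path is not shown. Adding ``self`` is right; while here, follow each comment with an explicit return and state what ``authenticate`` must return when the credentials or token do not check out, so backend authors do not have to guess.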
