An example of using it in your settings.py:
MIDDLEWARE_CLASSES = (
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.middleware.doc.XViewMiddleware',
'util.loginmiddleware.RequireLoginMiddleware',
)
LOGIN_REQUIRED_URLS = (
r'/payment/(.*)$',
r'/accounts/home/(.*)$',
r'/accounts/edit-account/(.*)$',
)
In a nutshell this requires the user to login for any url that matches against whats listing in LOGIN_REQUIRED_URLS. The system will redirect to [LOGIN_URL](http://www.djangoproject.com/documentation/settings/#login-url)
To create a lower entry barrier to logging into our intranet I created a very simple backend using Google Apps Premium provisioning API (http://code.google.com/apis/apps/gdata_provisioning_api_v2.0_reference.html).
This enables controlling access for your users based on their status in your Google Apps instance. *(NOTE! Since the provisioning API is only available in the Premium version of Google Apps you first need to upgrade if you haven't done so already)*
Requirements:
You need Google Data libraries for python. They can be downloaded from http://code.google.com/p/gdata-python-client/downloads/list
Google Apps Premium -- User used by the script must have admin rights
I needed to be able to synchronize my LDAP users and groups to the Django database. This may not be as efficient as some might like but it works like a charm. It returns a list of messages that I pipe into request.user.messages in my template.
Simple decorator that checks for authentication and activation of account and redirect to login or activation page if needed
Your ulrsconf file must have named urls with parameters that you call that decorator
Dont forget to import reverse function
from django.core.urlresolvers import reverse
This function generate an username based on the user's full name. First it tries to use the first name first letter plus the last name, second it tires the first name plus the last name first latter, and at last it tries to use the first name with a sequential number at the end.
The username generated are all lowercase and ASCII only characters.
A simple adaptation of RegistrationFormUniqueEmail from django-registration http://code.google.com/p/django-registration to allow users to register without using a username. This works great with the code from this comment: http://www.djangosnippets.org/snippets/74/#c195 to allow users to completely eliminate the need for a username.
**This is an alternative to User.get_profile.**
Rather than having you call `User.get_profile` directly, this retrieves the profile instance for a `User` and attaches the fields from the profile to the `User` object when instantiated. The special methods for `DateField`, `FileField`, `ImageField` and fields with `choices` are also created.
Since the profile object still has to be retrieved from the database before its fields can be added to the `User`, the costs for using this might outweigh the rewards unless you are heavily using profiles.
To install, place it in a module on your `PYTHONPATH` and add it to `INSTALLED_APPS`.
Many models are tightly coupled to the default Django `User` model (`django.contrib.auth.models.User`).
Sometimes this user model just doesn't fit everyone's needs. By using `UserForeignKey` it is possible to make the `User` model configurable, encouraging loose coupling.
Additionally, this can help to prevent circular imports between `User` and another model.
Use it like a standard `ForeignKey`... it accepts all the same arguments.
If you want to use a `User` model other than the default, just add `USER_MODEL` to your settings file.... it uses dotted notation (`app_label.model_name`).
Example:
class BlogPost(models.Model):
user = UserForeignKey(related_name="blog_posts")
title = models.CharField(...)
content = models.TextField(...)
I put this in a file called auth.py, then referenced it in the settings.py like so:
AUTHENTICATION_BACKENDS = ('myproject.myapp.auth.ActiveDirectoryBackend',)
This has been tested on my office network, with the following setup:
Django 0.96
Python 2.4.4
python-ldap
Fedora Core 5 (On the server hosting Django)
AD Native Mode
2 Windows 2003 AD servers
This Middleware is to log users out after a certain amount of time has passed. You'll want to add AUTO_LOGOUT_DELAY to your settings.py, set to a number of minutes after which a user should be logged out.
It adds the key 'last_touch' to the session, you'll want to change that if you happen to be using that already.
decorator which performs basic http auth authentication against the known userbase. This decorator is only for xml-rpc services. When there is no basic auth a proper response will be returned
This tag builds on top of the [ifusergroup tag](http://www.djangosnippets.org/snippets/282/), fixes a small bug and introduces support for else blocks.
This handler is useful if you serve static/media files directly from Apache only to authenticated users. It checks if a user is not anonymous (and therefore logged in) and redirects to the login site if needed.
The following apache config activates the handler:
<Location "/site_media/company1">
#SetHandler None ##Uncomment if you serve static files in the same virtual host
PythonOption DJANGO_SETTINGS_MODULE mysite.settings
PythonAuthenHandler mysite.myhandler
PythonPath "['/path/to/project'] + sys.path"
Require valid-user
</Location>
Example (in project/application/models.py):
register_custom_permissions_simple((("is_editor", "User is editor"),))
In a view:
if not request.user.has_perm('application.is_editor'):
return HttpResonseRedirect(LoginUrl)