Require login across entire site

Middleware that locks down an entire site, requiring the user to login to view any page. Great for development/beta-testing.

• middleware
• authentication
• login
• lockdown
• auth

Thu 20 Jun 2013 Read More

Authenticate against Active Directory

I put this in a file called auth.py, then referenced it in the settings.py like so: AUTHENTICATION_BACKENDS = ('myproject.myapp.auth.ActiveDirectoryBackend',) This has been tested on my office network, with the following setup: Django 0.96 Python 2.4.4 python-ldap Fedora Core 5 (On the server hosting Django) AD Native Mode 2 Windows 2003 AD servers

• auth
• ldap
• active-directory
• backend

Fri 01 Sep 2017 Read More

Facebook Authentication Backend

Authentication through Facebook's Graph API. See [http://developers.facebook.com/docs/authentication/](http://developers.facebook.com/docs/authentication/) [http://developers.facebook.com/docs/authentication/permissions](http://developers.facebook.com/docs/authentication/permissions) [http://developers.facebook.com/docs/api](http://developers.facebook.com/docs/api) [http://github.com/facebook/python-sdk/blob/master/examples/oauth/facebookoauth.py](http://github.com/facebook/python-sdk/blob/master/examples/oauth/facebookoauth.py) Define the facebook tokens in settings.py and replace <app_name> with the name of your app. You will probably want to modify the scope on the authorize link in the template, see the authentication permissions link. This updates the user model every time the user logs in but I think that it is okay so the data is always correct. I have tested this but not rigorously. If there is a hole and everyone gets admin rights to your site don't say I didn't warn you :). Comments are appreciated. 16 June 2010 Added missing imports. Cleaned up the template. Shouts out to @obeattie and @whalesalad

• graph
• authentication
• login
• auth
• facebook
• oauth

Wed 20 Sep 2017 Read More

newforms self-contained login form

A simple login form that does the actual authentification itself. **Usage:** if request.method == "POST": loginform = LoginForm(request.POST) if loginform.login(): return HttpResponseRedirect(redir_url) else: loginform = LoginForm()

• newforms
• login
• auth

Tue 02 Sep 2014 Read More

User from session key

This blog post outlined how to get the user from the session key: http://scottbarnham.com/blog/2008/12/04/get-user-from-session-key-in-django/ Unfortunately, it assumes DB-backed session and auth backends. This isn't required, so this snippet provides a backend-agnostic way to do the same thing. >>> skey = 'ea0ed02d35d43aeaf20b3ef516f51396' >>> user_from_session_key(skey) <User: jeremyd>

• session
• user
• auth

Sun 14 Jun 2015 Read More

Global custom permissions (no model association)

Example (in project/application/models.py): register_custom_permissions_simple((("is_editor", "User is editor"),)) In a view: if not request.user.has_perm('application.is_editor'): return HttpResonseRedirect(LoginUrl)

• auth
• permissions

Thu 11 May 2017 Read More

Use email addresses for user name for django 1.3

[Chris' code](http://djangosnippets.org/snippets/1845/) adapted to django 1.3. Basicly E-mail authorisation backend. Put it as one of your AUTHENTICATION_BACKENDS in settings.py: AUTHENTICATION_BACKENDS = ( 'community.auth.EmailBackend', )

• email
• auth
• backend
• authorisation

Tue 24 Jul 2012 Read More

login on activation with django-registration

Here's a signal handler to log a user in on registration activation. It took me an hour to figure out that I needed to put the user.backend in quotes and google wasn't being my friend. from [the django-registration documentation](http://docs.b-list.org/django-registration/0.8/faq.html): How do I log a user in immediately after registration or activation? You can most likely do this simply by writing a function which listens for the appropriate signal; your function should set the backend attribute of the user to the correct authentication backend, and then call django.contrib.auth.login() to log the user in.

• login
• auth
• django-registration

Fri 06 Sep 2013 Read More

Email or username authentication with masquerading

This backend will allow you to have users login using either their username or the email address as it is in the User model. In addition, it will allow anyone with the staff priveleges to login as another user. The method is to user the user you wish to masquerade as (either email/username) as the username and then a string of the format *username*/*password* as the password, where *username* is the username of the staff member, and *password* is their password.

• authentication
• email
• login
• auth
• backend

Wed 01 Jul 2015 Read More

Login with email or username

A simple backend which allows you to login with either an email address or a username. It should be combined with another backend for checking permissions: AUTHENTICATION_BACKENDS = ( 'myproject.accounts.backends.EmailOrUsernameModelBackend', 'django.contrib.auth.backends.ModelBackend' )

• email
• login
• auth
• backend

Wed 29 May 2019 Read More

UserForeignKey

Many models are tightly coupled to the default Django `User` model (`django.contrib.auth.models.User`). Sometimes this user model just doesn't fit everyone's needs. By using `UserForeignKey` it is possible to make the `User` model configurable, encouraging loose coupling. Additionally, this can help to prevent circular imports between `User` and another model. Use it like a standard `ForeignKey`... it accepts all the same arguments. If you want to use a `User` model other than the default, just add `USER_MODEL` to your settings file.... it uses dotted notation (`app_label.model_name`). Example: class BlogPost(models.Model): user = UserForeignKey(related_name="blog_posts") title = models.CharField(...) content = models.TextField(...)

• foreignkey
• user
• auth

Sun 11 Jul 2010 Read More

Auto Logout Middleware

This Middleware is to log users out after a certain amount of time has passed. You'll want to add AUTO_LOGOUT_DELAY to your settings.py, set to a number of minutes after which a user should be logged out. It adds the key 'last_touch' to the session, you'll want to change that if you happen to be using that already.

• middleware
• auth
• logout

Sun 11 Jul 2010 Read More

Require login by url

An example of using it in your settings.py: MIDDLEWARE_CLASSES = ( 'django.middleware.common.CommonMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.middleware.doc.XViewMiddleware', 'util.loginmiddleware.RequireLoginMiddleware', ) LOGIN_REQUIRED_URLS = ( r'/payment/(.*)$', r'/accounts/home/(.*)$', r'/accounts/edit-account/(.*)$', ) In a nutshell this requires the user to login for any url that matches against whats listing in LOGIN_REQUIRED_URLS. The system will redirect to [LOGIN_URL](http://www.djangoproject.com/documentation/settings/#login-url)

• middleware
• authentication
• url
• login
• auth

Sun 11 Jul 2010 Read More

Auth decorators with 403

These decorators are based on user_passes_test and permission_required, but when a user is logged in and fails the test, it will render a 403 error instead of redirecting to login - only anonymous users will be asked to login.

• auth
• user_passes_test
• 403
• permission_required

Fri 17 Aug 2012 Read More

LoginAsForm - Login as any User without a password

Sometimes the only way to reproduce a bug on a production site is to login as the User who encountered it. This form allows you to login as any user on the site. **Usage** @staff_member_required def login_as(request, template="login_as.html"): data = request.POST or None form = LoginAsForm(data, request=request) if form.is_valid() form.save() return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL) ...

• forms
• login
• auth
• authenticate
• form
• auth.contrib

Wed 22 Jun 2011 Read More