Reputation: 4811
Django adding Remote Users with admin site
I am running a Django site on a Shibboleth-enabled server, thus using the Remote User authentication backend. All users are authenticated via this service (like LDAP). This works for me. My site is locked down, however, so that only users that belong to the staff group can access the views--so this requires a "superuser" to go into the database or admin site and change the users to staff. I would like to turn this workflow around so that I can pre-create / pre-authorize remote users in the Django admin site, so when they try to log in for the first time, they don't have to wait for someone to flip the "staff" flag on their account.
The problem is that the Django admin site expects you to put in a password for all new users. In my database, though, remote users have blank password fields--and while it seems like the contents of the password field do not matter for remote authentication, I would prefer that the super-admins not have to set "fake" passwords for everyone.
If I create the users directly in the MySQL database, I can create remote users just fine, because I can leave the password field blank. However, I would prefer not to hand out direct database access to the other super-admins.
I have tried removing the password field from the admin site per this SO post. But it still comes back with a validation error that I am missing a field (i.e. password).
My admin.py:
from django.contrib.auth.admin import UserAdmin
from django.contrib.auth.models import User
admin.site.unregister(User)
class MyUserAdmin(UserAdmin):
add_fieldsets = (
(None, {
'classes': ('wide',),
'fields': ('username', 'email',)}
),
)
admin.site.register(User, MyUserAdmin)
Question: What is the best way to pre-populate authorized remote users in a Django setup? I am running 1.5.1 with MySQL. If I create a custom add-user view, is that the easiest way? Or is there a way to utilize the existing Django admin view somehow?
Thanks!
Upvotes: 4
Views: 1916
Answers (1)
Reputation: 308939
Create your own UserCreationForm. Use Django's implementation as a guide, but leave out the password fields and the set_password call in the save method.
Then tell your MyUserAdmin to use your custom user creation form.
class MyUserAdmin(UserAdmin):
add_form = MyUserCreationForm
Upvotes: 2
Related Questions
- Django: add user on admin page using custom user model
- django sign up user in admin site with generated password
- Django Admin: Creating users in the browser
- Django remote user authentication and security
- How to add a user to django site, when using remote auth backend?
- Clean way to allow django users to login the admin and create new users?
- Using Django Admin Page to Add Users with other AUTHENTICATION_BACKEND
- Help with Django RemoteUserMiddleware RemoteUserBackend with fresh database
- How do I authenticate remotely in Django?
- Django Admin Individual Access