Ideally should we be using django admin in production where admins and users are mixed in one table?

Question

Django newbie here.

Ideally should we be using django admin in production where admins and users are mixed in one table?

There are three types groups of people in the app I'm trying to write:

Admins:

1. super admins have all read write access
2. admins for all content providers with limited read write access

Normal users:

1. content providers (limited write access)
2. subscribers (read access only and configuration changes are permitted ex. settings, user preferences, subscriptions)

If the users were to be on the same table, then should we make a separate login screen from the admin login provided?

Meaning instead of using:

url(r'^admin/', include(admin.site.urls))

I would be creating a new module using something like:

url(r'^login/', include(login.urls))

Or should I be using:

url(r'^login/', include(admin.site.urls))

Thanks for your help everybody.

Answer 1

It's no problem that users with different permissions are mixed in one table. It's the permission system that controls what those users can and can't do. User objects have a is_staff property:

is_staff Boolean. Designates whether this user can access the admin site.

Create a separate view for your users (your audience) to login. This can be done in various ways. Read how: https://docs.djangoproject.com/en/1.6/topics/auth/default/

Django has a login view build in: https://github.com/django/django/blob/master/django/contrib/auth/views.py

In urls.py:

(r'^login/$', 'django.contrib.auth.views.login'),