CODEWITHSUNDEEP
pythondjangodjango-modelsdjango-admindjango-authentication
RadiantHex
RadiantHex

Reputation: 25547

Overriding authenticate method - Django admin

I'm trying to figure out how to enhance the authenticate method with additional functionality.

e.g.

It is pretty straight forward for the site's frontend, but what about the admin panel?

I reckon that I should override the User's Manager object, as authenticate probably resides there. This is quite a tough one to figure out I think.

Thanks in advance! :)

Upvotes: 5

Views: 3798

Answers (2)

eddie_c
eddie_c

Reputation: 3421

You can create custom authentication backend by following the instructions in http://docs.djangoproject.com/en/dev/topics/auth/#authentication-backends. Essentially, you create a backend class that has an authenticate method:

class MyBackend:
    def authenticate(self, username=None, password=None):
        # Check the username/password and return a User.

Then add the class to AUTHENTICATION_BACKENDS in settings.py.

Though this is for authentication, you could do all the password validation things you mentioned simply by redirecting a user to a change password page if the password is correct but expired, for instance. Consider using the messaging framework to give a user a hint about what is going on when directing him to a generic change password page.

Upvotes: 6

Jordan Reiter
Jordan Reiter

Reputation: 20992

If you want the validation for passwords to be built into the model, then you'll probably want to extend the django User model.

Otherwise, you could do the following:

  • override admin password options by creating your own views for changing and setting passwords, then putting the relevant URLS just above (r'^admin/', include(admin.site.urls)). Regex would look something like (r'^admin/auth/user/(\d+)/password/', new_change_password).
  • Keep track of password age in a separate model and then when they expire, redirect to a change password once it expires.

Upvotes: 0

Related Questions