views: 160
answers: 4

I have to say, Stack Overflow's user authentication system is probably the best out there.

I truly admire using cookies to store an anonymous user's identity and was planning to do something like that for my sites too (since it is so convenient).

I am fluent in Django and Python; is that enough to build an authentication system which is based on cookies? (And if the user decides to sign up, a proper authentication system can be taken care of by Django.)

I am interested in seeing how you guys would break down the implementation of this authentication system. I am not interested in knowing how to call OpenID's API etc.

A: 

SO uses OpenID, an open-source framework used for logins, simple user data retrieval, etc.

amphetamachine

Comments:

Mark: Yes, but it also remembers state for users that aren't even logged in.

amphetamachine: @Mark: That's how it retrieves the data; what you do with it (setting cookies, AJAX server "pings", etc.) is up to your site.
A: 

I recommend Django OpenID Auth combined with the OpenID Selector JavaScript widget. That's served me very well to create SO-like login. As far as tracking state in cookies, you can roll your own in Django very easily.

Gabriel Hurley
A: (+1)

If you want to remember anything about a user that is not yet logged in, you have to remember it somewhere on the server. And what is a better place than where you keep information about users that are already registered?

The solution I used for one of my projects (written in Django) was:

  1. When a not-registered user enters the site, do nothing (the Django session cookie gets set in their browser automatically).
  2. When, for the first time, they do something that's worth remembering, create a Django User object for them -- just generate the login and password in a way that allows your algorithms to recognize that this user hasn't created an account yet. Make Django remember the user as if they had logged in properly (so that when they enter the site again the next day, they are automatically logged in on the same anonymous account).
  3. When the user finally attempts to register, fill in their login and password in the existing User object instead of creating a new one.
  4. If a user does something worth remembering and then logs in with their existing credentials, you can employ an algorithm that merges the two users together (note that this might be somewhat complicated).
  5. Once a month (or more often if you have to), remove all data of users that were created anonymously and didn't use the site for a long time.

A convenient solution is to create an AnonymousUser class that is a subclass of Django's User and make your application differentiate between the two.

DzinX
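A framework-free Python sketch of the five steps in the answer above, added here as an illustration and not DzinX's own code. It deliberately does not import Django: the `User`, `UserStore`, `promote()`, `merge_into()` and `purge_stale()` names are this example's stand-ins for the Django model and for view code you would write yourself. The two points worth copying are that the placeholder login is generated with `secrets` so it cannot be guessed, and that the placeholder gets no usable password at all (Django's `set_unusable_password()` gives the same effect), so the anonymous account can never be logged into directly; it can only be reached through the session that created it.

```python
"""
Added example (not from the original answer): the "anonymous account that
is upgraded on registration" pattern without Django. Names and constants
below are this example's own assumptions.
"""
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional

ANON_PREFIX = "anon-"            # marks accounts that never registered (constructed)
STALE_AFTER = 30 * 24 * 3600     # seconds of inactivity before cleanup (constructed)


@dataclass
class User:
    username: str
    password_hash: Optional[str]   # None means "unusable password": no password login possible
    last_seen: float
    data: dict = field(default_factory=dict)

    @property
    def is_anonymous_account(self) -> bool:
        return self.username.startswith(ANON_PREFIX) and self.password_hash is None


class UserStore:
    """In-memory stand-in for the Django User table."""

    def __init__(self) -> None:
        self.users: Dict[str, User] = {}

    # Step 2: the first action worth remembering creates a real account with an
    # unguessable login and no usable password, so nobody can log into it.
    def create_anonymous(self, now: float) -> User:
        name = ANON_PREFIX + secrets.token_urlsafe(16)
        user = User(username=name, password_hash=None, last_seen=now)
        self.users[name] = user
        return user

    # Step 3: registration fills in the chosen login and password hash on the
    # existing object, keeping everything already attached to it.
    def promote(self, anon: User, username: str, password_hash: str) -> User:
        if not anon.is_anonymous_account:
            raise ValueError("only anonymous accounts can be promoted")
        if username.startswith(ANON_PREFIX) or username in self.users:
            raise ValueError("username reserved or already taken")
        del self.users[anon.username]
        anon.username = username
        anon.password_hash = password_hash
        self.users[username] = anon
        return anon

    # Step 4: a visitor who already has an account logs in; the anonymous data is
    # folded into the registered account and the placeholder is deleted. The
    # direction matters: never merge a registered account into an anonymous one.
    def merge_into(self, anon: User, target: User) -> User:
        if not anon.is_anonymous_account or target.is_anonymous_account:
            raise ValueError("merge must go from an anonymous into a registered account")
        for key, value in anon.data.items():
            target.data.setdefault(key, value)   # registered data wins on conflict
        del self.users[anon.username]
        return target

    # Step 5: periodic cleanup of anonymous accounts nobody came back to.
    def purge_stale(self, now: float) -> int:
        stale = [u for u in self.users.values()
                 if u.is_anonymous_account and now - u.last_seen > STALE_AFTER]
        for u in stale:
            del self.users[u.username]
        return len(stale)


def demo() -> Dict[str, object]:
    """Walk the lifecycle once and return the facts a test can check."""
    store = UserStore()
    anon = store.create_anonymous(now=0.0)
    anon.data["draft"] = "hello"                 # something worth remembering
    alice = store.promote(anon, "alice", "<bcrypt hash placeholder>")
    second = store.create_anonymous(now=0.0)     # same person, new browser
    second.data["theme"] = "dark"
    store.merge_into(second, alice)
    forgotten = store.create_anonymous(now=0.0)  # never returns
    removed = store.purge_stale(now=STALE_AFTER + 1)
    return {"users": sorted(store.users), "alice_data": dict(alice.data),
            "removed": removed, "forgotten_name": forgotten.username}


if __name__ == "__main__":
    print(demo())
```

In a real Django project the `data` dict would be whatever models point at the user, `promote()` would become `user.username = ...; user.set_password(...)`, and `purge_stale()` a management command run from cron; the placeholder-login prefix is only a convention, so an `is_anonymous` flag or the subclass DzinX suggests is a cleaner way to tell the two kinds of account apart.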
A: 

Take a look at django-socialregistration

zalew