Hi, Here's my problem : my site has users, which can create projects, and access other user's projects. Each project can assign different rights to users. So, i could have Project A : user "John" is in group "manager" , and Project "B" user "John" is in group "worker". How could I use the Django User authentication model to do that ? ...
I am using authenticate() to authenticating users manually. Using admin interface I can see that there is no 'last_login' attribute for Users Debug traceback is : Environment: Request Method: GET Request URL: https://localhost/login/ Django Version: 1.1.1 Python Version: 2.6.5 Installed Applications: ['django.contrib.auth', 'django.c...
In case of views that contain login or logout, this sessionid is different from the one submitted in request's Coockie header. I need to retrieve it before returning response for some purpose. How can I do this ? ...
I have the following problem to solve. In my project users (defined by first name, last name and personal id number ) have the possibility to register accounts. Each registered user (let's call him 'user1') can also add data of up to 4 friends. Those friends then later can join the community themselves, and their profile should disappear...
I have a form in my Django app (not in admin) that allows staff members to select a user from a dropdown. forms.ModelChoiceField(queryset = User.objects.filter(is_staff=False), required = False) The problem is that the dropdown shows users by usernames whereas I'd rather it show their full name from user.get_full_name() and use userna...
Hi, I need to know how to start a session by Ajax in Django. I'm doing exactly as described bellow, but it is not working! The request is sent correctly, but don't start any session. If a request directly without ajax it works! What is going on? '# urls r'^logout/$', 'autenticacao.views.logout_view' '# view of login def login_view...
Instead of using django's auth module I've used my own and already regret it a lot. In an effort to rectify the situation, I'm trying to migrate the data from my User model to django.auth.models.User. I've created a data migration as follows: def forwards(self, orm): """Migrate user information from mooi User model to auth User mo...
When a user is not logged I'm trying to enter areas of site for authenticated users only I should be redirected to my login site with ?next= and here my LOGIN_REDIRECT_URL from settings. But instead of /users/login in my address bar /accounts/login is displayed. What should I change to get the right url ? settings : AUTH_PROFILE_MODULE...
How can auth can be configured or modified to disallow user sessions if the user's IP is not the same IP that he logged in with ? I really try to protect my Django site from XSS as much as I can. But I never can be sure that I covered all the bases. If worst comes to worst and someone is able to put some XSS in my site, at least this cou...
I'm about to create a site that has monitored registration in that only certain people are allowed to register. Undoubtedly some misfits will register despite any writing I put above the registration form so we're going with moderation. Upon registration a django.contrib.auth User and profile will be created and an email will be sent to...
A web app written in Python is planned, Django is a leading contender as framework. One requirement is CAC access, wihout the need to hand enter username and password. From what I can tell, CAC access is not part of the "batteries" included with Django. As a monolithic framework (not necessarily a bad attribute) Django has a rep for b...
How i know in server-side what authentication backend is for determinated user? ...
I've inherited a Django application which uses a custom form-less auth backend. It works around the 30 character limit in django.contrib.auth.models.User by a SQL hack ALTER TABLE auth_user MODIFY COLUMN username varchar(90);, which is of course only valid for the database, but not for forms. Since I'm trying to remove all the hacks from...
I have a set of URL's in my django application that trigger certain actions or processes. This would be similar to cron jobs. I have a script that polls one or more of these URLS at some regular inverval and I'm interested in adding a layer of security. I'd like to set up an account for the script and require authentication before the...
I currently manage a website, coded in django, that has 2 standard areas - the frontend and backoffice (which is built using django's admin interface). Recently the customer claimed he wanted 2 diffrent authentications - one for frontend users and another one - for people managing the backoffice. Until now they both used standard djan...
I have an app that serves pages like this /stage/stagename. stagename is variable. The URL mappers just look for a [0-9A-Za-z]+ to fill that slot. Now, because of my setup, My app will be rooted at /stage/stagename. I cannot change this (without massive changes to my setup which is too tedious right now and a last option). I need to u...