I think I've found the necessary tools making the Django login to work per site basis:
1. Create own login view that calls the auth backend with authenticate(site_id, username, password) 2. Create own auth backend that takes site_id, username and password (also checks permissions by site) 3. *) Create own auth middleware that creates request.user (Django's own authentication middleware and backend does has a shortcoming *) 4. Create models for per site permissions (UserSite and GroupSite): class UserSite(models.Model): user, site, is_superuser, is_active, permissions --------- * The shortcoming in Django authentication middleware, it relies on this function django.contrib.auth.get_user: def get_user(request): ... user = backend.get_user(user_id) or AnonymousUser() ... If this were something like this: user = backend.get_user(user_id, request=request) or AnonymousUser() The backend could verify that the user_id is authenticated with this site's request. -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com. To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.