On Mon, Mar 18, 2013 at 5:49 AM, fire_water <nkl...@kent.edu> wrote: > Hello, > > I am fairly new to Django but have started developing my first app. The > app will require the general public to create an account before being > allowed to post comments on the website. > > After reading through The Django > Book<http://www.djangobook.com/en/2.0/chapter14.html>and The > Docs <https://docs.djangoproject.com/en/1.5/topics/auth/> , I think > Django's built-in User Authentication system might be the tool I need. If > so, I am a bit confused on the intended purpose of the Auth System probably > because I am used to only using it with Django's built-in Admin app. > > I am seeking clarification on the following points of confusion: > > 1. When I think of Django user authentication, I think of a very limited > number of special people (admins) with permission to access the Django > admin site. "Special people only" > > 2. When I think of allowing the general public to create an account and > authenticate with my website, I see that as something completely separate > from the Admin site and all of it's associated database tables. > Immediately, I think of creating a "users" table in myapp/models.py. > "General public only" > > But it almost sounds like admin and public accounts are both handled by > the Auth System and therefore live in the same database table. I would like > to get a solid understanding of this before I proceed any further with my > app. Thanks in advance for any clarification you can provide!
People visit your site. Each of them gets a User account. Some of them are staff, and have permission to view staff portions of the site (e.g., admin) or perform other administrative actions (e.g., workflows on the main site that don't exist for normal users). Others can only view the main site (or specific parts of the main site). You might have some special reason for wanting two different user tables, but as a general principle, I can't say I see the point. If you've got multiple user tables, then admin users who want to use the site need a second, completely separate account. You then need to track the correlation between Normal User accounts and Admin User accounts. It also means that content needs to be owned either by an admin user or a normal user. For example, consider a comment system -- comments have an author, but that author is a foreign key to a single table. If you've got two User tables, you can only link to one of them, so either admin users can't create comments, or admin users need two user accounts. So - in summary - although Django's admin users the auth.User model and table, there's nothing admin specific about it. It's a general purpose user table, and you can (and should) use it for your general site authentication. Yours, Russ Magee %-) -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at http://groups.google.com/group/django-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
