Thank you so much for all this info. This really clarified things for me. On Tuesday, April 4, 2017 at 1:42:44 AM UTC-4, Antonis Christofides wrote: > > Hello, > > this is far from an incredibly stupid question. > > As you know, RDBMS's keep their own list of users and have sophisticated > permissions systems with which different users have different permissions > on different tables. This is particularly useful in desktop applications > that connect directly to the database. Web applications changed that. > Instead of the RDBMS managing the users and their permissions, we have a > single RDBMS user as which Django connects to the RDBMS, and this user has > full permissions on the database. The actual users and their permissions > are managed by Django itself (more precisely, by the included Django app > django.contrib.auth), using database tables created by Django. What a user > can or cannot do is decided by Django, not by the RDBMS. This is a pity > because django.contrib.auth (or the equivalent in other web frameworks) > largely duplicates functionality that already exists in the RDBMS, and > because having the RDBMS check the permissions is more robust and more > secure. I believe that the reason web frameworks were developed this way is > independence from any specific RDBMS, but I don't really know. > > So the canonical way of working is to have a single *database user* as > which Django logs on to the database, with full permissions on the database > (including permission to create and delete tables), and many *Django > users*, each one with different permissions. Typically only one Django > superuser is created. I call the superuser "admin", which I believe is the > common practice. > > You can probably do things differently, and maybe there exist custom > database backends that would allow you to switch the database user on > login, but if there's no compelling reason you should really stick to the > canonical way. > > Regards, > > A. > > Antonis Christofideshttp://djangodeployment.com > > > On 04/03/2017 09:50 PM, alkha...@mymail.vcu.edu <javascript:> wrote: > > Hey everyone, > > I'm new to Django and web development overall so please bare with me. I > may be asking an incredibly stupid question. > > In the DATABASES dictionary in settings.py: > > DATABASES = { > 'default': { > 'NAME': 'something', > 'ENGINE': 'django.db.backends.mysql', > 'USER': 'mysql_user', > 'PASSWORD': 'blahblah' > } > > Is it possible for me to add more then one user and password? I am working > with a team and we all have seperate mysql users. Also, is it preferred to > just have one super user for Django? > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to django-users...@googlegroups.com <javascript:>. > To post to this group, send email to django...@googlegroups.com > <javascript:>. > Visit this group at https://groups.google.com/group/django-users. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-users/075b8505-df99-425f-8fc8-0873f6f78c64%40googlegroups.com > > <https://groups.google.com/d/msgid/django-users/075b8505-df99-425f-8fc8-0873f6f78c64%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > > >
-- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/7c75448e-2b1a-45cc-a825-3929419d667b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
