I am relatively new to Django. I am user a remote auth backend, but I am wondering if there is a way that I can restrict users that do not have permissions, gotten from REMOTE_USER. Is it similar to the way you do it with a Django Auth system?
Right now everyone who is logged in on my auth backend can access my site.
I want to grant certain users permissions before they login, and deny all other users. Is there a way in which I can do this?
Django's standard user model has is_staff and is_superuser attributes that can easily be toggled.
If you use your remote auth backend for authentication and are still using the django User model you can easily re-use some of this built-in functionality, such as the staff_member_required decorator:
from django.contrib.admin.views.decorators import staff_member_required
@staff_member_required
def staff_view(request..):
...