Search code examples
pythondjangodjango-authenticationcustom-authentication

How to call the authenticate() method of Custom written AuthenticationBackend of django in views.py?


I am working on a Django project in which I have defined a custom user model for which I have required to write the custom authentication method, by following the documentation I have written it like following But I have a problem in calling it in the views.py kindly help me by looking in the following code
I have defined my custom backend as follows
My Custom Authentication Backend

from django.contrib.auth.backends import BaseBackend
from .models import User
from IntellerMatrix.CommonUtilities.constants import Constants


class AuthenticationBackend(BaseBackend):
    """
    Authentication Backend
    :To manage the authentication process of user
    """

    def authenticate(self, email=None, password=None):
        user = User.objects.get(email=email)
        if user is not None and user.check_password(password):
            if user.is_active == Constants.YES:
                return user
            else:
                return "User is not activated"
        else:
            return None

    def get_user(self, user_id):
        try:
            return User.objects.get(pk=user_id)
        except User.DoesNotExist:
            return None

settings.py

AUTHENTICATION_BACKENDS = ['Modules.users.authentication.AuthenticationBackend',
                           'django.contrib.auth.backends.ModelBackend', ]

Views.py

def login(request):
    email = '[email protected]'
    password = 'ali'
    user = # how to call here that custom authentication backend's authenticate method

    if user is None:
        return HttpResponse("<p>Not Valid</p>")
    else:
        return HttpResponse(user)

Solution

  • You can call the authenticate(..) function [Django-doc]

    Use authenticate() to verify a set of credentials. It takes credentials as keyword arguments, username and password for the default case, checks them against each authentication backend, and returns a User object if the credentials are valid for a backend. So:

    from django.contrib.auth import authenticate
    
    def login(request):
        email = '[email protected]'
        password = 'ali'
        user = authenticate(request, email=email, password=password)
    
        if user is None:
            return HttpResponse('<p>Not Valid</p>')
        else:
            return HttpResponse(user)

    Note that the authentication method you implement can not return a string. As the documentation on writing an authentication backend says:

    (…)

    Either way, authenticate() should check the credentials it gets and return a user object that matches those credentials if the credentials are valid. If they’re not valid, it should return None.

    class AuthenticationBackend(BaseBackend):
        """
        Authentication Backend
        :To manage the authentication process of user
        """
    
        def authenticate(self, request, email=None, password=None):
            try:
                user = User.objects.get(email=email)
            except User.DoesNotExist:
                return None
            if user is not None and user.check_password(password):
                if user.is_active == Constants.YES:
                    return user
            return None

    Furthermore this does not logs in your use, this simply checks if the credentials are valid. So you still need to call the login(..) function [Django-doc] if you want to log in the user.