I am working on a Django project in which I have defined a custom user model for which I have required to write the custom authentication method, by following the documentation I have written it like following But I have a problem in calling it in the views.py kindly help me by looking in the following code
I have defined my custom backend as follows
My Custom Authentication Backend
from django.contrib.auth.backends import BaseBackend
from .models import User
from IntellerMatrix.CommonUtilities.constants import Constants
class AuthenticationBackend(BaseBackend):
"""
Authentication Backend
:To manage the authentication process of user
"""
def authenticate(self, email=None, password=None):
user = User.objects.get(email=email)
if user is not None and user.check_password(password):
if user.is_active == Constants.YES:
return user
else:
return "User is not activated"
else:
return None
def get_user(self, user_id):
try:
return User.objects.get(pk=user_id)
except User.DoesNotExist:
return None
settings.py
AUTHENTICATION_BACKENDS = ['Modules.users.authentication.AuthenticationBackend',
'django.contrib.auth.backends.ModelBackend', ]
Views.py
def login(request):
email = '[email protected]'
password = 'ali'
user = # how to call here that custom authentication backend's authenticate method
if user is None:
return HttpResponse("<p>Not Valid</p>")
else:
return HttpResponse(user)
You can call the authenticate(..)
function [Django-doc]
Use
authenticate()
to verify a set of credentials. It takes credentials as keyword arguments,username
andpassword
for the default case, checks them against each authentication backend, and returns aUser
object if the credentials are valid for a backend. So:
from django.contrib.auth import authenticate
def login(request):
email = '[email protected]'
password = 'ali'
user = authenticate(request, email=email, password=password)
if user is None:
return HttpResponse('<p>Not Valid</p>')
else:
return HttpResponse(user)
Note that the authentication method you implement can not return a string. As the documentation on writing an authentication backend says:
(…)
Either way,
authenticate()
should check the credentials it gets and return a user object that matches those credentials if the credentials are valid. If they’re not valid, it should returnNone
.
class AuthenticationBackend(BaseBackend):
"""
Authentication Backend
:To manage the authentication process of user
"""
def authenticate(self, request, email=None, password=None):
try:
user = User.objects.get(email=email)
except User.DoesNotExist:
return None
if user is not None and user.check_password(password):
if user.is_active == Constants.YES:
return user
return None
Furthermore this does not logs in your use, this simply checks if the credentials are valid. So you still need to call the login(..)
function [Django-doc] if you want to log in the user.