Home > Blockchain >  I am not using any authentication method to login in Django. I am using this function is it right?
I am not using any authentication method to login in Django. I am using this function is it right?

Time:07-16

'''
def login_action(request):
    if request.method != "POST":
        return HttpResponse("<h2>Method Not Allowed</h2>")
    else:
        user = Admin_user.objects.get(email_id=request.POST.get('email'), password=request.POST.get('password'))
        if user!=None:
            return HttpResponse("Loged IN")
        else:
            return HttpResponse("Not a User")
'''

this Method Works for me is it a right method. I don't use authenticate method because my models has 5 user type. can any one suggest me a method for 5 user type if my method is not right. Is there any security issues using this method

CodePudding user response:

You should absolutely use Django's authentication system instead of trying to create your own. If you need different user types then you can create user profiles that link to the user model.

https://docs.djangoproject.com/en/4.0/topics/auth/default/#authenticating-users

CodePudding user response:

The User.model of Django provides a groups field. Groups -Django Docs use this to declare certain User types/ groups. If you have additional Custom User Models i would recommend to use the User.primary_key in your custom other user models as foreign key.

Page link:https//www.codepudding.com/Blockchain/477062.html

Prev:laravel middleware always returns to login page, even if authenticated
Next:Springboot filter executed in case of permitAll urls as well
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding