2

After researching on ways to extend user table of auth app in django , I have decided to write my own auth app. These are the things which I need to do for replacing the contrib.auth app:

  1. Create an AuthenticationMiddleware class and add an MyAuth.models.User object in every request instead of django.auth.models.User and point to it in settings file.
  2. Create a custom AuthenticationBackend.
  3. Create AuthenticationContextProcessors and similarly point to them in settings file.

Questions:

  1. Do I need to do any editing in any other app or session middleware class?
  2. The basic reason of writing my own auth app is not having enough fields in the user table and I don't like the idea of user_profile. I have noticed that we add user object to every request so that I can use that in sessions. But If I add more fields in user table then user object will get bigger and if added to every request will only increase the load. Am I right? Will increasing the size of the user object pose any load problems? Or will the effect be negligible?
Jan Pöschko
  • 5,412
  • 1
  • 28
  • 28
codecool
  • 5,886
  • 4
  • 29
  • 40
  • What exactly, do you not like about user_profile? It isn't perfect, but at least for me, it works well enough (compared to the pain of re-writing a whole *auth* app). – John C Oct 12 '11 at 12:23
  • Maintaining user data in two tables and extra joins. I have to put manytomany field in other table instead of user table which does not feel right. But all this is my opinion so no point in discussing it. My question is are there any pitfalls in my scheme mentioned above besides taking the pain of writing an app again? – codecool Oct 12 '11 at 12:37
  • don't forget to include [CSRF](https://docs.djangoproject.com/en/dev/topics/security/) in your custom middleware ;) – dani herrera Dec 14 '11 at 22:19

0 Answers0