Basic Usage¶
Create User¶
from django.contrib.auth import get_user_model
user = get_user_model().objects.create_user(...)
- FlexUserManager.create_user(username=None, email=None, phone=None, password=None, **extra_fields)¶
Create a user. You must supply at least one of
username
,email
, orphone
.If
password
is None, the user’s password will be set usingset_unusable_password()
.Warning
This method does not run
AUTH_PASSWORD_VALIDATORS
againstpassword
. It’s the caller’s responsibility to run password validators before calling this method.- Parameters
username (str, optional) – The username for the user, defaults to None.
email (str, optional) – The email address for the user, defaults to None.
phone (str, optional) – The phone number for the user, defaults to None.
password (str, optional) – The password for the user, defaults to None.
extra_fields (dict, optional) – Additional model fields you wish to set for the user.
- Raises
ValidationError – If any of the supplied parameters fails model field validation (e.g. the supplied phone number is already in use by another user, the supplied username is invalid, etc.)
- Returns
The newly created user.
- Return type
FlexUser
Create Super User¶
from django.contrib.auth import get_user_model
user = get_user_model().objects.create_superuser(...)
- FlexUserManager.create_superuser(username=None, email=None, phone=None, password=None, **extra_fields)¶
Create a super user. You must supply at least one of
username
,email
, orphone
.If
password
is None, the user’s password will be set usingset_unusable_password()
.Warning
This method does not run
AUTH_PASSWORD_VALIDATORS
againstpassword
. It’s the caller’s responsibility to run password validators before calling this method.- Parameters
username (str, optional) – The username for the user, defaults to None.
email (str, optional) – The email address for the user, defaults to None.
phone (str, optional) – The phone number for the user, defaults to None.
password (str, optional) – The password for the user, defaults to None.
extra_fields (dict, optional) – Additional model fields you wish to set for the user.
- Raises
ValidationError – If any of the supplied parameters fails model field validation (e.g. the supplied phone number is already in use by another user, the supplied username is invalid, etc.)
- Returns
The newly created user.
- Return type
FlexUser
Authenticate User¶
To authenticate a user call django.contrib.auth.authenticate()
.
It takes credentials as keyword arguments and checks them against each authentication backend in
AUTHENTICATION_BACKENDS
. If the credentials are valid for a backend, it returns a FlexUser
object. If the credentials arent valid for any backend or if a backend
raises PermissionDenied
, it returns None.
For example:
from django.contrib.auth import authenticate
user = authenticate(email='alice@example.com', password='password')
if user is not None:
# A backend authenticated the credentials
else:
# No backend authenticated the credentials
- auth.authenticate(**credentials)¶
If the given credentials are valid, return a User object.
One-time Passwords (OTP)¶
One-time passwords are based around the concept of a security token. A security token is a piece of hardware or software which generates one-time passwords in conjunction with a server. One common security token is Google Authenticator, a software application which runs on mobile platforms.
An email address or phone number can also act as a security token by generating a random password on the server and
sending it to the email address or phone number respectively. django_flex_user
implements
EmailToken
and PhoneToken
which does just
that. These modules are used to verify email addresses and phone numbers, as well as to authorize password resets.
EmailToken¶
Generate One-Time Password¶
from django.contrib.auth import get_user_model
# Create a user with an email address, an EmailToken object will be created for them automatically
user = get_user_model().objects.create_user(email='alice@example.com', password='password')
# Get the user's security token
email_token = user.emailtoken_set.first()
# Generate a one-time password
email_token.generate_password()
# Email the one-time password to alice@example.com
email_token.send_password()
Check One-Time Password¶
from django_flex_user.models.otp import EmailToken, TimeoutError
...
# Get the security token
email_token = EmailToken.objects.get(id=id)
try:
success = email_token.check_password(...)
except TimeoutError:
# There have been too many check_password() attempts
else:
if success:
# The password is correct
else:
# The password is incorrect or has expired
PhoneToken¶
Generate One-Time Password¶
from django.contrib.auth import get_user_model
# Create a user with a phone number, a PhoneToken object will be created for them automatically
user = get_user_model().objects.create_user(phone='+12025551234', password='password')
# Get the user's security token
phone_token = user.phonetoken_set.first()
# Generate a one-time password
phone_token.generate_password()
# Send the one-time password to +12025551234 via SMS
phone_token.send_password()
Check One-Time Password¶
from django_flex_user.models.otp import PhoneToken, TimeoutError
...
# Get the security token
phone_token = PhoneToken.objects.get(id=id)
try:
success = phone_token.check_password(...)
except TimeoutError:
# There have been too many check_password() attempts
else:
if success:
# The password is correct
else:
# The password is incorrect or has expired