Django Authentication

Django Authentication

During the last few months, I got to work on a couple of authentication systems such as SAML SSO (Single Sign-On) and LDAP SSO. This has got me interested in authentication system in general and also gave me some chances to look around codebase of some libraries such as django, django-auth-ldap, djangosaml2.

Django authentication support is available as:

Bundles

• django.contrib.auth:
  • the core of authentication framework and default models
• django.contrib.contenttypes
  • content type system that allows permissions to be associated wth models

Middleware

• SessionMiddleware to manage sessions across requests
• AuthenticationMiddleware to associate users with requests using sessions

Installation

With the above settings in place, when we run manage.py migrate, it will creates the necessary database tables for authentication related models and permissions.

Authentication and Authorization

“Briefly, authentication verifies a uer is who they claim to be, and authorization determines what an authenticated user is allowed to do.”

References

• User Authentication in Django