Our proud SaaS cloud development environment runcode.io
Django

Custom Password Less Authentication in Django

2022-07-25

Authentication backends allow the ability to change what method checks your users credentials.

For web services, ie Facebook authentication, you don't have access to user data like a password. Without password(not like random string) we can't create a user in django. Facebook connect provides you details of the currently authenticated user.

Authentication backends allow the ability to change what method checks your users credentials.

An Example for the use of custom authentication backend:

For web services, ie Facebook authentication, you don't have access to user data like a password. Without password(not like random string) we can't create a user in django.

Facebook connect provides you details of the currently authenticated user. But to maintain the login_required decorator or to a user request.user you still need to have them logged in using Django. 
That's where the Authentication Backend comes in.

from django.contrib.auth.backends import ModelBackend
from peeldb.models import User


class PasswordlessAuthBackend(ModelBackend):
    """Log in to Django without providing a password.

    """
    def authenticate(self, username=None):
        try:
            return User.objects.get(username=username)
        except User.DoesNotExist:
            return None

    def get_user(self, user_id):
        try:
            return User.objects.get(pk=user_id)
        except User.DoesNotExist:
            return None

In your settings.py add

AUTHENTICATION_BACKENDS += (
    # ... your other backends
    'social.auth_backend.PasswordlessAuthBackend',
    # path to your custom authentication file
    # appname.filename.classname
)

Then to authenticate a registered user, we can override authenticate function without password in our views like

user = authenticate(username={{user_email}})

   login(request, user)