Authentication backends allow the ability to change what method checks your users credentials.
An Example for the use of custom authentication backend:
For web services, ie Facebook authentication, you don't have access to user data like a password. Without password(not like random string) we can't create a user in django.
Facebook connect provides you details of the currently authenticated user. But to maintain the login_required decorator or to a user request.user you still need to have them logged in using Django.
That's where the Authentication Backend comes in.
from django.contrib.auth.backends import ModelBackend
from peeldb.models import User
class PasswordlessAuthBackend(ModelBackend):
"""Log in to Django without providing a password.
"""
def authenticate(self, username=None):
try:
return User.objects.get(username=username)
except User.DoesNotExist:
return None
def get_user(self, user_id):
try:
return User.objects.get(pk=user_id)
except User.DoesNotExist:
return NoneIn your settings.py add
AUTHENTICATION_BACKENDS += (
# ... your other backends
'social.auth_backend.PasswordlessAuthBackend',
# path to your custom authentication file
# appname.filename.classname
)Then to authenticate a registered user, we can override authenticate function without password in our views like
user = authenticate(username={{user_email}})
login(request, user)