Innovate anywhere, anytime withruncode.io Your cloud-based dev studio.
Django

Custom Password Less Authentication in Django

2022-07-25

Authentication backends allow the ability to change what method checks your users credentials.

An Example for the use of custom authentication backend:

For web services, ie Facebook authentication, you don't have access to user data like a password. Without password(not like random string) we can't create a user in django.

Facebook connect provides you details of the currently authenticated user. But to maintain the login_required decorator or to a user request.user you still need to have them logged in using Django. 
That's where the Authentication Backend comes in.

from django.contrib.auth.backends import ModelBackend
from peeldb.models import User


class PasswordlessAuthBackend(ModelBackend):
    """Log in to Django without providing a password.

    """
    def authenticate(self, username=None):
        try:
            return User.objects.get(username=username)
        except User.DoesNotExist:
            return None

    def get_user(self, user_id):
        try:
            return User.objects.get(pk=user_id)
        except User.DoesNotExist:
            return None

In your settings.py add

AUTHENTICATION_BACKENDS += (
    # ... your other backends
    'social.auth_backend.PasswordlessAuthBackend',
    # path to your custom authentication file
    # appname.filename.classname
)

Then to authenticate a registered user, we can override authenticate function without password in our views like

user = authenticate(username={{user_email}})

   login(request, user)