From 3526d62540914e1b75de109b2d7f2775cdbc0e13 Mon Sep 17 00:00:00 2001 From: simon Date: Mon, 25 Oct 2021 19:28:05 +0700 Subject: [PATCH] custom user models for admin login --- docker-compose.yml | 2 ++ run.sh | 4 ++- tubearchivist/config/settings.py | 4 ++- tubearchivist/home/admin.py | 37 ++++++++++++++++++++-- tubearchivist/home/models.py | 54 ++++++++++++++++++++++++++++++-- 5 files changed, 95 insertions(+), 6 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 356fc8d8..08293ab2 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -15,6 +15,8 @@ services: - REDIS_HOST=archivist-redis - HOST_UID=1000 - HOST_GID=1000 + - TA_USERNAME=tubearchivist + - TA_PASSWORD=verysecret depends_on: - archivist-es - archivist-redis diff --git a/run.sh b/run.sh index 64c39b26..27b1399a 100644 --- a/run.sh +++ b/run.sh @@ -15,7 +15,9 @@ done python manage.py makemigrations python manage.py migrate -python manage.py createsuperuser --noinput +export DJANGO_SUPERUSER_PASSWORD=$TA_PASSWORD && \ + python manage.py createsuperuser --noinput --name "$TA_USERNAME" + python manage.py collectstatic --noinput -c nginx & celery -A home.tasks worker --loglevel=INFO & diff --git a/tubearchivist/config/settings.py b/tubearchivist/config/settings.py index 349203c7..b2f485d6 100644 --- a/tubearchivist/config/settings.py +++ b/tubearchivist/config/settings.py @@ -23,7 +23,7 @@ BASE_DIR = Path(__file__).resolve().parent.parent # Quick-start development settings - unsuitable for production # See https://docs.djangoproject.com/en/3.2/howto/deployment/checklist/ -PW_HASH = hashlib.sha256(environ.get("DJANGO_SUPERUSER_PASSWORD").encode()) +PW_HASH = hashlib.sha256(environ.get("TA_PASSWORD").encode()) SECRET_KEY = PW_HASH.hexdigest() # SECURITY WARNING: don't run with debug turned on in production! @@ -109,6 +109,8 @@ AUTH_PASSWORD_VALIDATORS = [ }, ] +AUTH_USER_MODEL = "home.Account" + # Internationalization # https://docs.djangoproject.com/en/3.2/topics/i18n/ diff --git a/tubearchivist/home/admin.py b/tubearchivist/home/admin.py index 265698db..2bcb7011 100644 --- a/tubearchivist/home/admin.py +++ b/tubearchivist/home/admin.py @@ -1,3 +1,36 @@ -from django.contrib import admin # noqa: F401 - Unused import +"""custom admin classes""" -# Register your models here. +from django.contrib import admin +from django.contrib.auth.admin import UserAdmin as BaseUserAdmin + +from .models import Account + + +class HomeAdmin(BaseUserAdmin): + """register in admin page""" + + list_display = ("name", "is_staff", "is_superuser") + list_filter = ("is_superuser",) + + fieldsets = ( + (None, {"fields": ("is_staff", "is_superuser", "password")}), + ("Personal info", {"fields": ("name",)}), + ("Groups", {"fields": ("groups",)}), + ("Permissions", {"fields": ("user_permissions",)}), + ) + add_fieldsets = ( + ( + None, + {"fields": ("is_staff", "is_superuser", "password1", "password2")}, + ), + ("Personal info", {"fields": ("name",)}), + ("Groups", {"fields": ("groups",)}), + ("Permissions", {"fields": ("user_permissions",)}), + ) + + search_fields = ("name",) + ordering = ("name",) + filter_horizontal = () + + +admin.site.register(Account, HomeAdmin) diff --git a/tubearchivist/home/models.py b/tubearchivist/home/models.py index 75fe3d5d..d99b2dba 100644 --- a/tubearchivist/home/models.py +++ b/tubearchivist/home/models.py @@ -1,3 +1,53 @@ -from django.db import models # noqa: F401 - Unused import +"""custom models""" +from django.contrib.auth.models import ( + AbstractBaseUser, + BaseUserManager, + PermissionsMixin, +) +from django.db import models -# Create your models here. + +class AccountManager(BaseUserManager): + """manage user creation methods""" + + use_in_migrations = True + + def _create_user(self, name, password, **extra_fields): + """create regular user private""" + values = [name, password] + field_value_map = dict(zip(self.model.REQUIRED_FIELDS, values)) + for field_name, value in field_value_map.items(): + if not value: + raise ValueError(f"The {field_name} value must be set") + + user = self.model(name=name, **extra_fields) + user.set_password(password) + user.save(using=self._db) + return user + + def create_user(self, name, password): + """create regular user public""" + return self._create_user(name, password) + + def create_superuser(self, name, password, **extra_fields): + """create super user""" + extra_fields.setdefault("is_staff", True) + extra_fields.setdefault("is_superuser", True) + + if extra_fields.get("is_staff") is not True: + raise ValueError("Superuser must have is_staff=True.") + if extra_fields.get("is_superuser") is not True: + raise ValueError("Superuser must have is_superuser=True.") + + return self._create_user(name, password, **extra_fields) + + +class Account(AbstractBaseUser, PermissionsMixin): + """handle account creation""" + + name = models.CharField(max_length=150, unique=True) + is_staff = models.BooleanField(default=False) + objects = AccountManager() + + USERNAME_FIELD = "name" + REQUIRED_FIELDS = ["password"]