I have been researching this for a couple days now and found a lot of possible solutions, however most tutorials or documentation pages are over a year old (except the official django stuff) and are intended for an older version of django..or they just don't explain things very clearly. I am relatively new to Django and also python so I kind of need a little more explanation that most tuts seem to be giving.
Basically what I am doing is making a private archive of files with a blog at the front of it. Non-members would only see a login page, and can only see the rest of the site if they register via invite code and log in.
I am currently using Zinnia as a simple blog app, and customizing its default template to fit my needs.
Does anyone know how I could go about implementing these features?
EDIT: I am going through the tutorial 'Handling Authentication & Authorization' as suggested, and everything seems to be going well until I must create class-based views. Since the tutorial is working with some sort of example 'contact list' type application and I am managing a zinnia blog, I was wondering if you could help me figure out the proper classes/models to use. My views.py file is currently as follows, which is probably incorrect:
# blog/views.py
from django.contrib.auth.decorators import login_required
from django.utils.decorators import method_decorator
class LoggedInMixin(object):
@method_decorator(login_required)
def dispatch(self, *args, **kwargs):
return super(LoggedInMixin, self).dispatch(*args, **kwargs)
class ListBlogView(LoggedInMixin, ListView):
model = Entry
template_name = 'base.html'
def get_queryset(self):
return Entry.objects.filter(owner=self.request.user)
Not sure how I would alter this code to match what I am trying to do. I am pretty sure 'model', 'template_name', and the 'return' should correspond to something zinnia related but I am really stumped here.
In my opinion you could use a LoginRequiredMiddleware in order to check that user authenticated in every possible view. If not then redirect him to login page.
https://djangosnippets.org/snippets/1179/
Edit:
When it comes to authenticating users you should look these tutorials:
How to properly use the django built-in login view
http://effectivedjango.com/tutorial/authzn.html
http://dustindavis.me/django-login-form-on-every-page/
It's going to take a while to finish them but you should practice a bit to get more confidence with Python and Django.