pythondjangodjango-authenticationzinnia

Django 1.7 & Zinnia (stable) - How can I make my blog private and invite-only?


I have been researching this for a couple days now and found a lot of possible solutions, however most tutorials or documentation pages are over a year old (except the official django stuff) and are intended for an older version of django..or they just don't explain things very clearly. I am relatively new to Django and also python so I kind of need a little more explanation that most tuts seem to be giving.

Basically what I am doing is making a private archive of files with a blog at the front of it. Non-members would only see a login page, and can only see the rest of the site if they register via invite code and log in.

I am currently using Zinnia as a simple blog app, and customizing its default template to fit my needs.

Does anyone know how I could go about implementing these features?

EDIT: I am going through the tutorial 'Handling Authentication & Authorization' as suggested, and everything seems to be going well until I must create class-based views. Since the tutorial is working with some sort of example 'contact list' type application and I am managing a zinnia blog, I was wondering if you could help me figure out the proper classes/models to use. My views.py file is currently as follows, which is probably incorrect:

#                           blog/views.py

from django.contrib.auth.decorators import login_required
from django.utils.decorators import method_decorator

class LoggedInMixin(object):

    @method_decorator(login_required)
    def dispatch(self, *args, **kwargs):
        return super(LoggedInMixin, self).dispatch(*args, **kwargs)

class ListBlogView(LoggedInMixin, ListView):

    model = Entry
    template_name = 'base.html'

    def get_queryset(self):

        return Entry.objects.filter(owner=self.request.user)

Not sure how I would alter this code to match what I am trying to do. I am pretty sure 'model', 'template_name', and the 'return' should correspond to something zinnia related but I am really stumped here.


Solution

  • In my opinion you could use a LoginRequiredMiddleware in order to check that user authenticated in every possible view. If not then redirect him to login page.

    https://djangosnippets.org/snippets/1179/

    Edit:

    When it comes to authenticating users you should look these tutorials:

    How to properly use the django built-in login view

    homepage login form Django

    http://effectivedjango.com/tutorial/authzn.html

    http://dustindavis.me/django-login-form-on-every-page/

    It's going to take a while to finish them but you should practice a bit to get more confidence with Python and Django.