<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang=""> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>django.contrib.auth — Django 1.8.19 documentation</title> <link rel="stylesheet" href="../../_static/default.css" type="text/css" /> <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" /> <script type="text/javascript"> var DOCUMENTATION_OPTIONS = { URL_ROOT: '../../', VERSION: '1.8.19', COLLAPSE_INDEX: false, FILE_SUFFIX: '.html', HAS_SOURCE: true }; </script> <script type="text/javascript" src="../../_static/jquery.js"></script> <script type="text/javascript" src="../../_static/underscore.js"></script> <script type="text/javascript" src="../../_static/doctools.js"></script> <link rel="index" title="Index" href="../../genindex.html" /> <link rel="search" title="Search" href="../../search.html" /> <link rel="top" title="Django 1.8.19 documentation" href="../../contents.html" /> <link rel="up" title="contrib packages" href="index.html" /> <link rel="next" title="The contenttypes framework" href="contenttypes.html" /> <link rel="prev" title="The Django admin documentation generator" href="admin/admindocs.html" /> <script type="text/javascript" src="../../templatebuiltins.js"></script> <script type="text/javascript"> (function($) { if (!django_template_builtins) { // templatebuiltins.js missing, do nothing. return; } $(document).ready(function() { // Hyperlink Django template tags and filters var base = "../templates/builtins.html"; if (base == "#") { // Special case for builtins.html itself base = ""; } // Tags are keywords, class '.k' $("div.highlight\\-html\\+django span.k").each(function(i, elem) { var tagname = $(elem).text(); if ($.inArray(tagname, django_template_builtins.ttags) != -1) { var fragment = tagname.replace(/_/, '-'); $(elem).html("<a href='" + base + "#" + fragment + "'>" + tagname + "</a>"); } }); // Filters are functions, class '.nf' $("div.highlight\\-html\\+django span.nf").each(function(i, elem) { var filtername = $(elem).text(); if ($.inArray(filtername, django_template_builtins.tfilters) != -1) { var fragment = filtername.replace(/_/, '-'); $(elem).html("<a href='" + base + "#" + fragment + "'>" + filtername + "</a>"); } }); }); })(jQuery); </script> </head> <body role="document"> <div class="document"> <div id="custom-doc" class="yui-t6"> <div id="hd"> <h1><a href="../../index.html">Django 1.8.19 documentation</a></h1> <div id="global-nav"> <a title="Home page" href="../../index.html">Home</a> | <a title="Table of contents" href="../../contents.html">Table of contents</a> | <a title="Global index" href="../../genindex.html">Index</a> | <a title="Module index" href="../../py-modindex.html">Modules</a> </div> <div class="nav"> « <a href="admin/admindocs.html" title="The Django admin documentation generator">previous</a> | <a href="../index.html" title="API Reference" accesskey="U">up</a> | <a href="contenttypes.html" title="The contenttypes framework">next</a> »</div> </div> <div id="bd"> <div id="yui-main"> <div class="yui-b"> <div class="yui-g" id="ref-contrib-auth"> <div class="section" id="s-django-contrib-auth"> <span id="django-contrib-auth"></span><h1><code class="docutils literal"><span class="pre">django.contrib.auth</span></code><a class="headerlink" href="#django-contrib-auth" title="Permalink to this headline">¶</a></h1> <p>This document provides API reference material for the components of Django’s authentication system. For more details on the usage of these components or how to customize authentication and authorization see the <a class="reference internal" href="../../topics/auth/index.html"><span class="doc">authentication topic guide</span></a>.</p> </div> <div class="section" id="s-user"> <span id="user"></span><h1>User<a class="headerlink" href="#user" title="Permalink to this headline">¶</a></h1> <div class="section" id="s-fields"> <span id="fields"></span><h2>Fields<a class="headerlink" href="#fields" title="Permalink to this headline">¶</a></h2> <dl class="class"> <dt id="django.contrib.auth.models.User"> <em class="property">class </em><code class="descclassname">models.</code><code class="descname">User</code><a class="headerlink" href="#django.contrib.auth.models.User" title="Permalink to this definition">¶</a></dt> <dd><p><a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal"><span class="pre">User</span></code></a> objects have the following fields:</p> <dl class="attribute"> <dt id="django.contrib.auth.models.User.username"> <code class="descname">username</code><a class="headerlink" href="#django.contrib.auth.models.User.username" title="Permalink to this definition">¶</a></dt> <dd><p>Required. 30 characters or fewer. Usernames may contain alphanumeric, <code class="docutils literal"><span class="pre">_</span></code>, <code class="docutils literal"><span class="pre">@</span></code>, <code class="docutils literal"><span class="pre">+</span></code>, <code class="docutils literal"><span class="pre">.</span></code> and <code class="docutils literal"><span class="pre">-</span></code> characters.</p> </dd></dl> <dl class="attribute"> <dt id="django.contrib.auth.models.User.first_name"> <code class="descname">first_name</code><a class="headerlink" href="#django.contrib.auth.models.User.first_name" title="Permalink to this definition">¶</a></dt> <dd><p>Optional. 30 characters or fewer.</p> </dd></dl> <dl class="attribute"> <dt id="django.contrib.auth.models.User.last_name"> <code class="descname">last_name</code><a class="headerlink" href="#django.contrib.auth.models.User.last_name" title="Permalink to this definition">¶</a></dt> <dd><p>Optional. 30 characters or fewer.</p> </dd></dl> <dl class="attribute"> <dt id="django.contrib.auth.models.User.email"> <code class="descname">email</code><a class="headerlink" href="#django.contrib.auth.models.User.email" title="Permalink to this definition">¶</a></dt> <dd><p>Optional. Email address.</p> </dd></dl> <dl class="attribute"> <dt id="django.contrib.auth.models.User.password"> <code class="descname">password</code><a class="headerlink" href="#django.contrib.auth.models.User.password" title="Permalink to this definition">¶</a></dt> <dd><p>Required. A hash of, and metadata about, the password. (Django doesn’t store the raw password.) Raw passwords can be arbitrarily long and can contain any character. See the <a class="reference internal" href="../../topics/auth/passwords.html"><span class="doc">password documentation</span></a>.</p> </dd></dl> <dl class="attribute"> <dt id="django.contrib.auth.models.User.groups"> <code class="descname">groups</code><a class="headerlink" href="#django.contrib.auth.models.User.groups" title="Permalink to this definition">¶</a></dt> <dd><p>Many-to-many relationship to <a class="reference internal" href="#django.contrib.auth.models.Group" title="django.contrib.auth.models.Group"><code class="xref py py-class docutils literal"><span class="pre">Group</span></code></a></p> </dd></dl> <dl class="attribute"> <dt id="django.contrib.auth.models.User.user_permissions"> <code class="descname">user_permissions</code><a class="headerlink" href="#django.contrib.auth.models.User.user_permissions" title="Permalink to this definition">¶</a></dt> <dd><p>Many-to-many relationship to <a class="reference internal" href="#django.contrib.auth.models.Permission" title="django.contrib.auth.models.Permission"><code class="xref py py-class docutils literal"><span class="pre">Permission</span></code></a></p> </dd></dl> <dl class="attribute"> <dt id="django.contrib.auth.models.User.is_staff"> <code class="descname">is_staff</code><a class="headerlink" href="#django.contrib.auth.models.User.is_staff" title="Permalink to this definition">¶</a></dt> <dd><p>Boolean. Designates whether this user can access the admin site.</p> </dd></dl> <dl class="attribute"> <dt id="django.contrib.auth.models.User.is_active"> <code class="descname">is_active</code><a class="headerlink" href="#django.contrib.auth.models.User.is_active" title="Permalink to this definition">¶</a></dt> <dd><p>Boolean. Designates whether this user account should be considered active. We recommend that you set this flag to <code class="docutils literal"><span class="pre">False</span></code> instead of deleting accounts; that way, if your applications have any foreign keys to users, the foreign keys won’t break.</p> <p>This doesn’t necessarily control whether or not the user can log in. Authentication backends aren’t required to check for the <code class="docutils literal"><span class="pre">is_active</span></code> flag, and the default backends do not. If you want to reject a login based on <code class="docutils literal"><span class="pre">is_active</span></code> being <code class="docutils literal"><span class="pre">False</span></code>, it’s up to you to check that in your own login view or a custom authentication backend. However, the <a class="reference internal" href="../../topics/auth/default.html#django.contrib.auth.forms.AuthenticationForm" title="django.contrib.auth.forms.AuthenticationForm"><code class="xref py py-class docutils literal"><span class="pre">AuthenticationForm</span></code></a> used by the <a class="reference internal" href="../../topics/auth/default.html#django.contrib.auth.views.login" title="django.contrib.auth.views.login"><code class="xref py py-func docutils literal"><span class="pre">login()</span></code></a> view (which is the default) <em>does</em> perform this check, as do the permission-checking methods such as <a class="reference internal" href="#django.contrib.auth.models.User.has_perm" title="django.contrib.auth.models.User.has_perm"><code class="xref py py-meth docutils literal"><span class="pre">has_perm()</span></code></a> and the authentication in the Django admin. All of those functions/methods will return <code class="docutils literal"><span class="pre">False</span></code> for inactive users.</p> </dd></dl> <dl class="attribute"> <dt id="django.contrib.auth.models.User.is_superuser"> <code class="descname">is_superuser</code><a class="headerlink" href="#django.contrib.auth.models.User.is_superuser" title="Permalink to this definition">¶</a></dt> <dd><p>Boolean. Designates that this user has all permissions without explicitly assigning them.</p> </dd></dl> <dl class="attribute"> <dt id="django.contrib.auth.models.User.last_login"> <code class="descname">last_login</code><a class="headerlink" href="#django.contrib.auth.models.User.last_login" title="Permalink to this definition">¶</a></dt> <dd><p>A datetime of the user’s last login.</p> <div class="versionchanged"> <span class="title">Changed in Django 1.8:</span> <p>This field will be <code class="docutils literal"><span class="pre">null</span></code> if the user has never logged in. Previously it was set to the current date/time by default.</p> </div> </dd></dl> <dl class="attribute"> <dt id="django.contrib.auth.models.User.date_joined"> <code class="descname">date_joined</code><a class="headerlink" href="#django.contrib.auth.models.User.date_joined" title="Permalink to this definition">¶</a></dt> <dd><p>A datetime designating when the account was created. Is set to the current date/time by default when the account is created.</p> </dd></dl> </dd></dl> </div> <div class="section" id="s-methods"> <span id="methods"></span><h2>Methods<a class="headerlink" href="#methods" title="Permalink to this headline">¶</a></h2> <dl class="class"> <dt> <em class="property">class </em><code class="descclassname">models.</code><code class="descname">User</code></dt> <dd><dl class="method"> <dt id="django.contrib.auth.models.User.get_username"> <code class="descname">get_username</code>()<a class="headerlink" href="#django.contrib.auth.models.User.get_username" title="Permalink to this definition">¶</a></dt> <dd><p>Returns the username for the user. Since the User model can be swapped out, you should use this method instead of referencing the username attribute directly.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.models.User.is_anonymous"> <code class="descname">is_anonymous</code>()<a class="headerlink" href="#django.contrib.auth.models.User.is_anonymous" title="Permalink to this definition">¶</a></dt> <dd><p>Always returns <code class="docutils literal"><span class="pre">False</span></code>. This is a way of differentiating <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal"><span class="pre">User</span></code></a> and <a class="reference internal" href="#django.contrib.auth.models.AnonymousUser" title="django.contrib.auth.models.AnonymousUser"><code class="xref py py-class docutils literal"><span class="pre">AnonymousUser</span></code></a> objects. Generally, you should prefer using <a class="reference internal" href="#django.contrib.auth.models.User.is_authenticated" title="django.contrib.auth.models.User.is_authenticated"><code class="xref py py-meth docutils literal"><span class="pre">is_authenticated()</span></code></a> to this method.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.models.User.is_authenticated"> <code class="descname">is_authenticated</code>()<a class="headerlink" href="#django.contrib.auth.models.User.is_authenticated" title="Permalink to this definition">¶</a></dt> <dd><p>Always returns <code class="docutils literal"><span class="pre">True</span></code> (as opposed to <code class="docutils literal"><span class="pre">AnonymousUser.is_authenticated()</span></code> which always returns <code class="docutils literal"><span class="pre">False</span></code>). This is a way to tell if the user has been authenticated. This does not imply any permissions, and doesn’t check if the user is active or has a valid session. Even though normally you will call this method on <code class="docutils literal"><span class="pre">request.user</span></code> to find out whether it has been populated by the <a class="reference internal" href="../middleware.html#django.contrib.auth.middleware.AuthenticationMiddleware" title="django.contrib.auth.middleware.AuthenticationMiddleware"><code class="xref py py-class docutils literal"><span class="pre">AuthenticationMiddleware</span></code></a> (representing the currently logged-in user), you should know this method returns <code class="docutils literal"><span class="pre">True</span></code> for any <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal"><span class="pre">User</span></code></a> instance.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.models.User.get_full_name"> <code class="descname">get_full_name</code>()<a class="headerlink" href="#django.contrib.auth.models.User.get_full_name" title="Permalink to this definition">¶</a></dt> <dd><p>Returns the <a class="reference internal" href="#django.contrib.auth.models.User.first_name" title="django.contrib.auth.models.User.first_name"><code class="xref py py-attr docutils literal"><span class="pre">first_name</span></code></a> plus the <a class="reference internal" href="#django.contrib.auth.models.User.last_name" title="django.contrib.auth.models.User.last_name"><code class="xref py py-attr docutils literal"><span class="pre">last_name</span></code></a>, with a space in between.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.models.User.get_short_name"> <code class="descname">get_short_name</code>()<a class="headerlink" href="#django.contrib.auth.models.User.get_short_name" title="Permalink to this definition">¶</a></dt> <dd><p>Returns the <a class="reference internal" href="#django.contrib.auth.models.User.first_name" title="django.contrib.auth.models.User.first_name"><code class="xref py py-attr docutils literal"><span class="pre">first_name</span></code></a>.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.models.User.set_password"> <code class="descname">set_password</code>(<em>raw_password</em>)<a class="headerlink" href="#django.contrib.auth.models.User.set_password" title="Permalink to this definition">¶</a></dt> <dd><p>Sets the user’s password to the given raw string, taking care of the password hashing. Doesn’t save the <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal"><span class="pre">User</span></code></a> object.</p> <p>When the <code class="docutils literal"><span class="pre">raw_password</span></code> is <code class="docutils literal"><span class="pre">None</span></code>, the password will be set to an unusable password, as if <a class="reference internal" href="#django.contrib.auth.models.User.set_unusable_password" title="django.contrib.auth.models.User.set_unusable_password"><code class="xref py py-meth docutils literal"><span class="pre">set_unusable_password()</span></code></a> were used.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.models.User.check_password"> <code class="descname">check_password</code>(<em>raw_password</em>)<a class="headerlink" href="#django.contrib.auth.models.User.check_password" title="Permalink to this definition">¶</a></dt> <dd><p>Returns <code class="docutils literal"><span class="pre">True</span></code> if the given raw string is the correct password for the user. (This takes care of the password hashing in making the comparison.)</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.models.User.set_unusable_password"> <code class="descname">set_unusable_password</code>()<a class="headerlink" href="#django.contrib.auth.models.User.set_unusable_password" title="Permalink to this definition">¶</a></dt> <dd><p>Marks the user as having no password set. This isn’t the same as having a blank string for a password. <a class="reference internal" href="#django.contrib.auth.models.User.check_password" title="django.contrib.auth.models.User.check_password"><code class="xref py py-meth docutils literal"><span class="pre">check_password()</span></code></a> for this user will never return <code class="docutils literal"><span class="pre">True</span></code>. Doesn’t save the <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal"><span class="pre">User</span></code></a> object.</p> <p>You may need this if authentication for your application takes place against an existing external source such as an LDAP directory.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.models.User.has_usable_password"> <code class="descname">has_usable_password</code>()<a class="headerlink" href="#django.contrib.auth.models.User.has_usable_password" title="Permalink to this definition">¶</a></dt> <dd><p>Returns <code class="docutils literal"><span class="pre">False</span></code> if <a class="reference internal" href="#django.contrib.auth.models.User.set_unusable_password" title="django.contrib.auth.models.User.set_unusable_password"><code class="xref py py-meth docutils literal"><span class="pre">set_unusable_password()</span></code></a> has been called for this user.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.models.User.get_group_permissions"> <code class="descname">get_group_permissions</code>(<em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.models.User.get_group_permissions" title="Permalink to this definition">¶</a></dt> <dd><p>Returns a set of permission strings that the user has, through their groups.</p> <p>If <code class="docutils literal"><span class="pre">obj</span></code> is passed in, only returns the group permissions for this specific object.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.models.User.get_all_permissions"> <code class="descname">get_all_permissions</code>(<em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.models.User.get_all_permissions" title="Permalink to this definition">¶</a></dt> <dd><p>Returns a set of permission strings that the user has, both through group and user permissions.</p> <p>If <code class="docutils literal"><span class="pre">obj</span></code> is passed in, only returns the permissions for this specific object.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.models.User.has_perm"> <code class="descname">has_perm</code>(<em>perm</em>, <em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.models.User.has_perm" title="Permalink to this definition">¶</a></dt> <dd><p>Returns <code class="docutils literal"><span class="pre">True</span></code> if the user has the specified permission, where perm is in the format <code class="docutils literal"><span class="pre">"<app</span> <span class="pre">label>.<permission</span> <span class="pre">codename>"</span></code>. (see documentation on <a class="reference internal" href="../../topics/auth/default.html#topic-authorization"><span class="std std-ref">permissions</span></a>). If the user is inactive, this method will always return <code class="docutils literal"><span class="pre">False</span></code>.</p> <p>If <code class="docutils literal"><span class="pre">obj</span></code> is passed in, this method won’t check for a permission for the model, but for this specific object.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.models.User.has_perms"> <code class="descname">has_perms</code>(<em>perm_list</em>, <em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.models.User.has_perms" title="Permalink to this definition">¶</a></dt> <dd><p>Returns <code class="docutils literal"><span class="pre">True</span></code> if the user has each of the specified permissions, where each perm is in the format <code class="docutils literal"><span class="pre">"<app</span> <span class="pre">label>.<permission</span> <span class="pre">codename>"</span></code>. If the user is inactive, this method will always return <code class="docutils literal"><span class="pre">False</span></code>.</p> <p>If <code class="docutils literal"><span class="pre">obj</span></code> is passed in, this method won’t check for permissions for the model, but for the specific object.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.models.User.has_module_perms"> <code class="descname">has_module_perms</code>(<em>package_name</em>)<a class="headerlink" href="#django.contrib.auth.models.User.has_module_perms" title="Permalink to this definition">¶</a></dt> <dd><p>Returns <code class="docutils literal"><span class="pre">True</span></code> if the user has any permissions in the given package (the Django app label). If the user is inactive, this method will always return <code class="docutils literal"><span class="pre">False</span></code>.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.models.User.email_user"> <code class="descname">email_user</code>(<em>subject</em>, <em>message</em>, <em>from_email=None</em>, <em>**kwargs</em>)<a class="headerlink" href="#django.contrib.auth.models.User.email_user" title="Permalink to this definition">¶</a></dt> <dd><p>Sends an email to the user. If <code class="docutils literal"><span class="pre">from_email</span></code> is <code class="docutils literal"><span class="pre">None</span></code>, Django uses the <a class="reference internal" href="../settings.html#std:setting-DEFAULT_FROM_EMAIL"><code class="xref std std-setting docutils literal"><span class="pre">DEFAULT_FROM_EMAIL</span></code></a>.</p> <div class="versionchanged"> <span class="title">Changed in Django 1.7:</span> <p>Any <code class="docutils literal"><span class="pre">**kwargs</span></code> are passed to the underlying <a class="reference internal" href="../../topics/email.html#django.core.mail.send_mail" title="django.core.mail.send_mail"><code class="xref py py-meth docutils literal"><span class="pre">send_mail()</span></code></a> call.</p> </div> </dd></dl> </dd></dl> </div> <div class="section" id="s-manager-methods"> <span id="manager-methods"></span><h2>Manager methods<a class="headerlink" href="#manager-methods" title="Permalink to this headline">¶</a></h2> <dl class="class"> <dt id="django.contrib.auth.models.UserManager"> <em class="property">class </em><code class="descclassname">models.</code><code class="descname">UserManager</code><a class="headerlink" href="#django.contrib.auth.models.UserManager" title="Permalink to this definition">¶</a></dt> <dd><p>The <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal"><span class="pre">User</span></code></a> model has a custom manager that has the following helper methods (in addition to the methods provided by <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.BaseUserManager" title="django.contrib.auth.models.BaseUserManager"><code class="xref py py-class docutils literal"><span class="pre">BaseUserManager</span></code></a>):</p> <dl class="method"> <dt id="django.contrib.auth.models.UserManager.create_user"> <code class="descname">create_user</code>(<em>username</em>, <em>email=None</em>, <em>password=None</em>, <em>**extra_fields</em>)<a class="headerlink" href="#django.contrib.auth.models.UserManager.create_user" title="Permalink to this definition">¶</a></dt> <dd><p>Creates, saves and returns a <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal"><span class="pre">User</span></code></a>.</p> <p>The <a class="reference internal" href="#django.contrib.auth.models.User.username" title="django.contrib.auth.models.User.username"><code class="xref py py-attr docutils literal"><span class="pre">username</span></code></a> and <a class="reference internal" href="#django.contrib.auth.models.User.password" title="django.contrib.auth.models.User.password"><code class="xref py py-attr docutils literal"><span class="pre">password</span></code></a> are set as given. The domain portion of <a class="reference internal" href="#django.contrib.auth.models.User.email" title="django.contrib.auth.models.User.email"><code class="xref py py-attr docutils literal"><span class="pre">email</span></code></a> is automatically converted to lowercase, and the returned <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal"><span class="pre">User</span></code></a> object will have <a class="reference internal" href="#django.contrib.auth.models.User.is_active" title="django.contrib.auth.models.User.is_active"><code class="xref py py-attr docutils literal"><span class="pre">is_active</span></code></a> set to <code class="docutils literal"><span class="pre">True</span></code>.</p> <p>If no password is provided, <a class="reference internal" href="#django.contrib.auth.models.User.set_unusable_password" title="django.contrib.auth.models.User.set_unusable_password"><code class="xref py py-meth docutils literal"><span class="pre">set_unusable_password()</span></code></a> will be called.</p> <p>The <code class="docutils literal"><span class="pre">extra_fields</span></code> keyword arguments are passed through to the <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal"><span class="pre">User</span></code></a>’s <code class="docutils literal"><span class="pre">__init__</span></code> method to allow setting arbitrary fields on a <a class="reference internal" href="../../topics/auth/customizing.html#auth-custom-user"><span class="std std-ref">custom User model</span></a>.</p> <p>See <a class="reference internal" href="../../topics/auth/default.html#topics-auth-creating-users"><span class="std std-ref">Creating users</span></a> for example usage.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.models.UserManager.create_superuser"> <code class="descname">create_superuser</code>(<em>username</em>, <em>email</em>, <em>password</em>, <em>**extra_fields</em>)<a class="headerlink" href="#django.contrib.auth.models.UserManager.create_superuser" title="Permalink to this definition">¶</a></dt> <dd><p>Same as <a class="reference internal" href="#django.contrib.auth.models.UserManager.create_user" title="django.contrib.auth.models.UserManager.create_user"><code class="xref py py-meth docutils literal"><span class="pre">create_user()</span></code></a>, but sets <a class="reference internal" href="#django.contrib.auth.models.User.is_staff" title="django.contrib.auth.models.User.is_staff"><code class="xref py py-attr docutils literal"><span class="pre">is_staff</span></code></a> and <a class="reference internal" href="#django.contrib.auth.models.User.is_superuser" title="django.contrib.auth.models.User.is_superuser"><code class="xref py py-attr docutils literal"><span class="pre">is_superuser</span></code></a> to <code class="docutils literal"><span class="pre">True</span></code>.</p> </dd></dl> </dd></dl> </div> </div> <div class="section" id="s-anonymous-users"> <span id="anonymous-users"></span><h1>Anonymous users<a class="headerlink" href="#anonymous-users" title="Permalink to this headline">¶</a></h1> <dl class="class"> <dt id="django.contrib.auth.models.AnonymousUser"> <em class="property">class </em><code class="descclassname">models.</code><code class="descname">AnonymousUser</code><a class="headerlink" href="#django.contrib.auth.models.AnonymousUser" title="Permalink to this definition">¶</a></dt> <dd><p><a class="reference internal" href="#django.contrib.auth.models.AnonymousUser" title="django.contrib.auth.models.AnonymousUser"><code class="xref py py-class docutils literal"><span class="pre">django.contrib.auth.models.AnonymousUser</span></code></a> is a class that implements the <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal"><span class="pre">django.contrib.auth.models.User</span></code></a> interface, with these differences:</p> <ul class="simple"> <li><a class="reference internal" href="../../topics/db/models.html#automatic-primary-key-fields"><span class="std std-ref">id</span></a> is always <code class="docutils literal"><span class="pre">None</span></code>.</li> <li><a class="reference internal" href="#django.contrib.auth.models.User.username" title="django.contrib.auth.models.User.username"><code class="xref py py-attr docutils literal"><span class="pre">username</span></code></a> is always the empty string.</li> <li><a class="reference internal" href="#django.contrib.auth.models.User.get_username" title="django.contrib.auth.models.User.get_username"><code class="xref py py-meth docutils literal"><span class="pre">get_username()</span></code></a> always returns the empty string.</li> <li><a class="reference internal" href="#django.contrib.auth.models.User.is_staff" title="django.contrib.auth.models.User.is_staff"><code class="xref py py-attr docutils literal"><span class="pre">is_staff</span></code></a> and <a class="reference internal" href="#django.contrib.auth.models.User.is_superuser" title="django.contrib.auth.models.User.is_superuser"><code class="xref py py-attr docutils literal"><span class="pre">is_superuser</span></code></a> are always <code class="docutils literal"><span class="pre">False</span></code>.</li> <li><a class="reference internal" href="#django.contrib.auth.models.User.is_active" title="django.contrib.auth.models.User.is_active"><code class="xref py py-attr docutils literal"><span class="pre">is_active</span></code></a> is always <code class="docutils literal"><span class="pre">False</span></code>.</li> <li><a class="reference internal" href="#django.contrib.auth.models.User.groups" title="django.contrib.auth.models.User.groups"><code class="xref py py-attr docutils literal"><span class="pre">groups</span></code></a> and <a class="reference internal" href="#django.contrib.auth.models.User.user_permissions" title="django.contrib.auth.models.User.user_permissions"><code class="xref py py-attr docutils literal"><span class="pre">user_permissions</span></code></a> are always empty.</li> <li><a class="reference internal" href="#django.contrib.auth.models.User.is_anonymous" title="django.contrib.auth.models.User.is_anonymous"><code class="xref py py-meth docutils literal"><span class="pre">is_anonymous()</span></code></a> returns <code class="docutils literal"><span class="pre">True</span></code> instead of <code class="docutils literal"><span class="pre">False</span></code>.</li> <li><a class="reference internal" href="#django.contrib.auth.models.User.is_authenticated" title="django.contrib.auth.models.User.is_authenticated"><code class="xref py py-meth docutils literal"><span class="pre">is_authenticated()</span></code></a> returns <code class="docutils literal"><span class="pre">False</span></code> instead of <code class="docutils literal"><span class="pre">True</span></code>.</li> <li><a class="reference internal" href="#django.contrib.auth.models.User.set_password" title="django.contrib.auth.models.User.set_password"><code class="xref py py-meth docutils literal"><span class="pre">set_password()</span></code></a>, <a class="reference internal" href="#django.contrib.auth.models.User.check_password" title="django.contrib.auth.models.User.check_password"><code class="xref py py-meth docutils literal"><span class="pre">check_password()</span></code></a>, <a class="reference internal" href="../models/instances.html#django.db.models.Model.save" title="django.db.models.Model.save"><code class="xref py py-meth docutils literal"><span class="pre">save()</span></code></a> and <a class="reference internal" href="../models/instances.html#django.db.models.Model.delete" title="django.db.models.Model.delete"><code class="xref py py-meth docutils literal"><span class="pre">delete()</span></code></a> raise <code class="xref py py-exc docutils literal"><span class="pre">NotImplementedError</span></code>.</li> </ul> <div class="versionadded"> <span class="title">New in Django 1.8:</span> <p><code class="docutils literal"><span class="pre">AnonymousUser.get_username()</span></code> has been added to better mirror <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal"><span class="pre">django.contrib.auth.models.User</span></code></a>.</p> </div> </dd></dl> <p>In practice, you probably won’t need to use <a class="reference internal" href="#django.contrib.auth.models.AnonymousUser" title="django.contrib.auth.models.AnonymousUser"><code class="xref py py-class docutils literal"><span class="pre">AnonymousUser</span></code></a> objects on your own, but they’re used by Web requests, as explained in the next section.</p> </div> <div class="section" id="s-permission"> <span id="permission"></span><h1>Permission<a class="headerlink" href="#permission" title="Permalink to this headline">¶</a></h1> <dl class="class"> <dt id="django.contrib.auth.models.Permission"> <em class="property">class </em><code class="descclassname">models.</code><code class="descname">Permission</code><a class="headerlink" href="#django.contrib.auth.models.Permission" title="Permalink to this definition">¶</a></dt> <dd></dd></dl> <div class="section" id="s-id1"> <span id="id1"></span><h2>Fields<a class="headerlink" href="#id1" title="Permalink to this headline">¶</a></h2> <p><a class="reference internal" href="#django.contrib.auth.models.Permission" title="django.contrib.auth.models.Permission"><code class="xref py py-class docutils literal"><span class="pre">Permission</span></code></a> objects have the following fields:</p> <dl class="class"> <dt> <em class="property">class </em><code class="descclassname">models.</code><code class="descname">Permission</code></dt> <dd><dl class="attribute"> <dt id="django.contrib.auth.models.Permission.name"> <code class="descname">name</code><a class="headerlink" href="#django.contrib.auth.models.Permission.name" title="Permalink to this definition">¶</a></dt> <dd><p>Required. 255 characters or fewer. Example: <code class="docutils literal"><span class="pre">'Can</span> <span class="pre">vote'</span></code>.</p> <div class="versionchanged"> <span class="title">Changed in Django 1.8:</span> <p>The <code class="docutils literal"><span class="pre">max_length</span></code> increased from 50 to 255 characters.</p> </div> </dd></dl> <dl class="attribute"> <dt id="django.contrib.auth.models.Permission.content_type"> <code class="descname">content_type</code><a class="headerlink" href="#django.contrib.auth.models.Permission.content_type" title="Permalink to this definition">¶</a></dt> <dd><p>Required. A reference to the <code class="docutils literal"><span class="pre">django_content_type</span></code> database table, which contains a record for each installed model.</p> </dd></dl> <dl class="attribute"> <dt id="django.contrib.auth.models.Permission.codename"> <code class="descname">codename</code><a class="headerlink" href="#django.contrib.auth.models.Permission.codename" title="Permalink to this definition">¶</a></dt> <dd><p>Required. 100 characters or fewer. Example: <code class="docutils literal"><span class="pre">'can_vote'</span></code>.</p> </dd></dl> </dd></dl> </div> <div class="section" id="s-id2"> <span id="id2"></span><h2>Methods<a class="headerlink" href="#id2" title="Permalink to this headline">¶</a></h2> <p><a class="reference internal" href="#django.contrib.auth.models.Permission" title="django.contrib.auth.models.Permission"><code class="xref py py-class docutils literal"><span class="pre">Permission</span></code></a> objects have the standard data-access methods like any other <a class="reference internal" href="../models/instances.html"><span class="doc">Django model</span></a>.</p> </div> </div> <div class="section" id="s-group"> <span id="group"></span><h1>Group<a class="headerlink" href="#group" title="Permalink to this headline">¶</a></h1> <dl class="class"> <dt id="django.contrib.auth.models.Group"> <em class="property">class </em><code class="descclassname">models.</code><code class="descname">Group</code><a class="headerlink" href="#django.contrib.auth.models.Group" title="Permalink to this definition">¶</a></dt> <dd></dd></dl> <div class="section" id="s-id3"> <span id="id3"></span><h2>Fields<a class="headerlink" href="#id3" title="Permalink to this headline">¶</a></h2> <p><a class="reference internal" href="#django.contrib.auth.models.Group" title="django.contrib.auth.models.Group"><code class="xref py py-class docutils literal"><span class="pre">Group</span></code></a> objects have the following fields:</p> <dl class="class"> <dt> <em class="property">class </em><code class="descclassname">models.</code><code class="descname">Group</code></dt> <dd><dl class="attribute"> <dt id="django.contrib.auth.models.Group.name"> <code class="descname">name</code><a class="headerlink" href="#django.contrib.auth.models.Group.name" title="Permalink to this definition">¶</a></dt> <dd><p>Required. 80 characters or fewer. Any characters are permitted. Example: <code class="docutils literal"><span class="pre">'Awesome</span> <span class="pre">Users'</span></code>.</p> </dd></dl> <dl class="attribute"> <dt id="django.contrib.auth.models.Group.permissions"> <code class="descname">permissions</code><a class="headerlink" href="#django.contrib.auth.models.Group.permissions" title="Permalink to this definition">¶</a></dt> <dd><p>Many-to-many field to <a class="reference internal" href="#django.contrib.auth.models.Permission" title="django.contrib.auth.models.Permission"><code class="xref py py-class docutils literal"><span class="pre">Permission</span></code></a>:</p> <div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">group</span><span class="o">.</span><span class="n">permissions</span> <span class="o">=</span> <span class="p">[</span><span class="n">permission_list</span><span class="p">]</span> <span class="n">group</span><span class="o">.</span><span class="n">permissions</span><span class="o">.</span><span class="n">add</span><span class="p">(</span><span class="n">permission</span><span class="p">,</span> <span class="n">permission</span><span class="p">,</span> <span class="o">...</span><span class="p">)</span> <span class="n">group</span><span class="o">.</span><span class="n">permissions</span><span class="o">.</span><span class="n">remove</span><span class="p">(</span><span class="n">permission</span><span class="p">,</span> <span class="n">permission</span><span class="p">,</span> <span class="o">...</span><span class="p">)</span> <span class="n">group</span><span class="o">.</span><span class="n">permissions</span><span class="o">.</span><span class="n">clear</span><span class="p">()</span> </pre></div> </div> </dd></dl> </dd></dl> </div> </div> <div class="section" id="s-module-django.contrib.auth.signals"> <span id="s-login-and-logout-signals"></span><span id="s-topics-auth-signals"></span><span id="module-django.contrib.auth.signals"></span><span id="login-and-logout-signals"></span><span id="topics-auth-signals"></span><h1>Login and logout signals<a class="headerlink" href="#module-django.contrib.auth.signals" title="Permalink to this headline">¶</a></h1> <p>The auth framework uses the following <a class="reference internal" href="../../topics/signals.html"><span class="doc">signals</span></a> that can be used for notification when a user logs in or out.</p> <dl class="function"> <dt id="django.contrib.auth.signals.user_logged_in"> <code class="descname">user_logged_in</code>()<a class="headerlink" href="#django.contrib.auth.signals.user_logged_in" title="Permalink to this definition">¶</a></dt> <dd><p>Sent when a user logs in successfully.</p> <p>Arguments sent with this signal:</p> <dl class="docutils"> <dt><code class="docutils literal"><span class="pre">sender</span></code></dt> <dd>The class of the user that just logged in.</dd> <dt><code class="docutils literal"><span class="pre">request</span></code></dt> <dd>The current <a class="reference internal" href="../request-response.html#django.http.HttpRequest" title="django.http.HttpRequest"><code class="xref py py-class docutils literal"><span class="pre">HttpRequest</span></code></a> instance.</dd> <dt><code class="docutils literal"><span class="pre">user</span></code></dt> <dd>The user instance that just logged in.</dd> </dl> </dd></dl> <dl class="function"> <dt id="django.contrib.auth.signals.user_logged_out"> <code class="descname">user_logged_out</code>()<a class="headerlink" href="#django.contrib.auth.signals.user_logged_out" title="Permalink to this definition">¶</a></dt> <dd><p>Sent when the logout method is called.</p> <dl class="docutils"> <dt><code class="docutils literal"><span class="pre">sender</span></code></dt> <dd>As above: the class of the user that just logged out or <code class="docutils literal"><span class="pre">None</span></code> if the user was not authenticated.</dd> <dt><code class="docutils literal"><span class="pre">request</span></code></dt> <dd>The current <a class="reference internal" href="../request-response.html#django.http.HttpRequest" title="django.http.HttpRequest"><code class="xref py py-class docutils literal"><span class="pre">HttpRequest</span></code></a> instance.</dd> <dt><code class="docutils literal"><span class="pre">user</span></code></dt> <dd>The user instance that just logged out or <code class="docutils literal"><span class="pre">None</span></code> if the user was not authenticated.</dd> </dl> </dd></dl> <dl class="function"> <dt id="django.contrib.auth.signals.user_login_failed"> <code class="descname">user_login_failed</code>()<a class="headerlink" href="#django.contrib.auth.signals.user_login_failed" title="Permalink to this definition">¶</a></dt> <dd><p>Sent when the user failed to login successfully</p> <dl class="docutils"> <dt><code class="docutils literal"><span class="pre">sender</span></code></dt> <dd>The name of the module used for authentication.</dd> <dt><code class="docutils literal"><span class="pre">credentials</span></code></dt> <dd>A dictionary of keyword arguments containing the user credentials that were passed to <a class="reference internal" href="../../topics/auth/default.html#django.contrib.auth.authenticate" title="django.contrib.auth.authenticate"><code class="xref py py-func docutils literal"><span class="pre">authenticate()</span></code></a> or your own custom authentication backend. Credentials matching a set of ‘sensitive’ patterns, (including password) will not be sent in the clear as part of the signal.</dd> </dl> </dd></dl> </div> <div class="section" id="s-module-django.contrib.auth.backends"> <span id="s-authentication-backends"></span><span id="s-authentication-backends-reference"></span><span id="module-django.contrib.auth.backends"></span><span id="authentication-backends"></span><span id="authentication-backends-reference"></span><h1>Authentication backends<a class="headerlink" href="#module-django.contrib.auth.backends" title="Permalink to this headline">¶</a></h1> <p>This section details the authentication backends that come with Django. For information on how to use them and how to write your own authentication backends, see the <a class="reference internal" href="../../topics/auth/customizing.html#authentication-backends"><span class="std std-ref">Other authentication sources section</span></a> of the <a class="reference internal" href="../../topics/auth/index.html"><span class="doc">User authentication guide</span></a>.</p> <div class="section" id="s-available-authentication-backends"> <span id="available-authentication-backends"></span><h2>Available authentication backends<a class="headerlink" href="#available-authentication-backends" title="Permalink to this headline">¶</a></h2> <p>The following backends are available in <a class="reference internal" href="#module-django.contrib.auth.backends" title="django.contrib.auth.backends: Django's built-in authentication backend classes."><code class="xref py py-mod docutils literal"><span class="pre">django.contrib.auth.backends</span></code></a>:</p> <dl class="class"> <dt id="django.contrib.auth.backends.ModelBackend"> <em class="property">class </em><code class="descname">ModelBackend</code><a class="headerlink" href="#django.contrib.auth.backends.ModelBackend" title="Permalink to this definition">¶</a></dt> <dd><p>This is the default authentication backend used by Django. It authenticates using credentials consisting of a user identifier and password. For Django’s default user model, the user identifier is the username, for custom user models it is the field specified by USERNAME_FIELD (see <a class="reference internal" href="../../topics/auth/customizing.html"><span class="doc">Customizing Users and authentication</span></a>).</p> <p>It also handles the default permissions model as defined for <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal"><span class="pre">User</span></code></a> and <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.PermissionsMixin" title="django.contrib.auth.models.PermissionsMixin"><code class="xref py py-class docutils literal"><span class="pre">PermissionsMixin</span></code></a>.</p> <p><a class="reference internal" href="#django.contrib.auth.backends.ModelBackend.has_perm" title="django.contrib.auth.backends.ModelBackend.has_perm"><code class="xref py py-meth docutils literal"><span class="pre">has_perm()</span></code></a>, <a class="reference internal" href="#django.contrib.auth.backends.ModelBackend.get_all_permissions" title="django.contrib.auth.backends.ModelBackend.get_all_permissions"><code class="xref py py-meth docutils literal"><span class="pre">get_all_permissions()</span></code></a>, <a class="reference internal" href="#django.contrib.auth.backends.ModelBackend.get_user_permissions" title="django.contrib.auth.backends.ModelBackend.get_user_permissions"><code class="xref py py-meth docutils literal"><span class="pre">get_user_permissions()</span></code></a>, and <a class="reference internal" href="#django.contrib.auth.backends.ModelBackend.get_group_permissions" title="django.contrib.auth.backends.ModelBackend.get_group_permissions"><code class="xref py py-meth docutils literal"><span class="pre">get_group_permissions()</span></code></a> allow an object to be passed as a parameter for object-specific permissions, but this backend does not implement them other than returning an empty set of permissions if <code class="docutils literal"><span class="pre">obj</span> <span class="pre">is</span> <span class="pre">not</span> <span class="pre">None</span></code>.</p> <dl class="method"> <dt id="django.contrib.auth.backends.ModelBackend.authenticate"> <code class="descname">authenticate</code>(<em>username=None</em>, <em>password=None</em>, <em>**kwargs</em>)<a class="headerlink" href="#django.contrib.auth.backends.ModelBackend.authenticate" title="Permalink to this definition">¶</a></dt> <dd><p>Tries to authenticate <code class="docutils literal"><span class="pre">username</span></code> with <code class="docutils literal"><span class="pre">password</span></code> by calling <a class="reference internal" href="#django.contrib.auth.models.User.check_password" title="django.contrib.auth.models.User.check_password"><code class="xref py py-meth docutils literal"><span class="pre">User.check_password</span></code></a>. If no <code class="docutils literal"><span class="pre">username</span></code> is provided, it tries to fetch a username from <code class="docutils literal"><span class="pre">kwargs</span></code> using the key <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.CustomUser.USERNAME_FIELD" title="django.contrib.auth.models.CustomUser.USERNAME_FIELD"><code class="xref py py-attr docutils literal"><span class="pre">CustomUser.USERNAME_FIELD</span></code></a>. Returns an authenticated user or <code class="docutils literal"><span class="pre">None</span></code>.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.backends.ModelBackend.get_user_permissions"> <code class="descname">get_user_permissions</code>(<em>user_obj</em>, <em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.backends.ModelBackend.get_user_permissions" title="Permalink to this definition">¶</a></dt> <dd><div class="versionadded"> <span class="title">New in Django 1.8.</span> </div> <p>Returns the set of permission strings the <code class="docutils literal"><span class="pre">user_obj</span></code> has from their own user permissions. Returns an empty set if <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.AbstractBaseUser.is_anonymous" title="django.contrib.auth.models.AbstractBaseUser.is_anonymous"><code class="xref py py-meth docutils literal"><span class="pre">is_anonymous()</span></code></a> or <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.CustomUser.is_active" title="django.contrib.auth.models.CustomUser.is_active"><code class="xref py py-attr docutils literal"><span class="pre">is_active</span></code></a> is <code class="docutils literal"><span class="pre">False</span></code>.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.backends.ModelBackend.get_group_permissions"> <code class="descname">get_group_permissions</code>(<em>user_obj</em>, <em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.backends.ModelBackend.get_group_permissions" title="Permalink to this definition">¶</a></dt> <dd><p>Returns the set of permission strings the <code class="docutils literal"><span class="pre">user_obj</span></code> has from the permissions of the groups they belong. Returns an empty set if <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.AbstractBaseUser.is_anonymous" title="django.contrib.auth.models.AbstractBaseUser.is_anonymous"><code class="xref py py-meth docutils literal"><span class="pre">is_anonymous()</span></code></a> or <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.CustomUser.is_active" title="django.contrib.auth.models.CustomUser.is_active"><code class="xref py py-attr docutils literal"><span class="pre">is_active</span></code></a> is <code class="docutils literal"><span class="pre">False</span></code>.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.backends.ModelBackend.get_all_permissions"> <code class="descname">get_all_permissions</code>(<em>user_obj</em>, <em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.backends.ModelBackend.get_all_permissions" title="Permalink to this definition">¶</a></dt> <dd><p>Returns the set of permission strings the <code class="docutils literal"><span class="pre">user_obj</span></code> has, including both user permissions and group permissions. Returns an empty set if <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.AbstractBaseUser.is_anonymous" title="django.contrib.auth.models.AbstractBaseUser.is_anonymous"><code class="xref py py-meth docutils literal"><span class="pre">is_anonymous()</span></code></a> or <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.CustomUser.is_active" title="django.contrib.auth.models.CustomUser.is_active"><code class="xref py py-attr docutils literal"><span class="pre">is_active</span></code></a> is <code class="docutils literal"><span class="pre">False</span></code>.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.backends.ModelBackend.has_perm"> <code class="descname">has_perm</code>(<em>user_obj</em>, <em>perm</em>, <em>obj=None</em>)<a class="headerlink" href="#django.contrib.auth.backends.ModelBackend.has_perm" title="Permalink to this definition">¶</a></dt> <dd><p>Uses <a class="reference internal" href="#django.contrib.auth.backends.ModelBackend.get_all_permissions" title="django.contrib.auth.backends.ModelBackend.get_all_permissions"><code class="xref py py-meth docutils literal"><span class="pre">get_all_permissions()</span></code></a> to check if <code class="docutils literal"><span class="pre">user_obj</span></code> has the permission string <code class="docutils literal"><span class="pre">perm</span></code>. Returns <code class="docutils literal"><span class="pre">False</span></code> if the user is not <a class="reference internal" href="../../topics/auth/customizing.html#django.contrib.auth.models.CustomUser.is_active" title="django.contrib.auth.models.CustomUser.is_active"><code class="xref py py-attr docutils literal"><span class="pre">is_active</span></code></a>.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.backends.ModelBackend.has_module_perms"> <code class="descname">has_module_perms</code>(<em>self</em>, <em>user_obj</em>, <em>app_label</em>)<a class="headerlink" href="#django.contrib.auth.backends.ModelBackend.has_module_perms" title="Permalink to this definition">¶</a></dt> <dd><p>Returns whether the <code class="docutils literal"><span class="pre">user_obj</span></code> has any permissions on the app <code class="docutils literal"><span class="pre">app_label</span></code>.</p> </dd></dl> </dd></dl> <dl class="class"> <dt id="django.contrib.auth.backends.RemoteUserBackend"> <em class="property">class </em><code class="descname">RemoteUserBackend</code><a class="headerlink" href="#django.contrib.auth.backends.RemoteUserBackend" title="Permalink to this definition">¶</a></dt> <dd><p>Use this backend to take advantage of external-to-Django-handled authentication. It authenticates using usernames passed in <a class="reference internal" href="../request-response.html#django.http.HttpRequest.META" title="django.http.HttpRequest.META"><code class="xref py py-attr docutils literal"><span class="pre">request.META['REMOTE_USER']</span></code></a>. See the <a class="reference internal" href="../../howto/auth-remote-user.html"><span class="doc">Authenticating against REMOTE_USER</span></a> documentation.</p> <p>If you need more control, you can create your own authentication backend that inherits from this class and override these attributes or methods:</p> </dd></dl> <dl class="attribute"> <dt id="django.contrib.auth.backends.RemoteUserBackend.create_unknown_user"> <code class="descclassname">RemoteUserBackend.</code><code class="descname">create_unknown_user</code><a class="headerlink" href="#django.contrib.auth.backends.RemoteUserBackend.create_unknown_user" title="Permalink to this definition">¶</a></dt> <dd><p><code class="docutils literal"><span class="pre">True</span></code> or <code class="docutils literal"><span class="pre">False</span></code>. Determines whether or not a <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal"><span class="pre">User</span></code></a> object is created if not already in the database. Defaults to <code class="docutils literal"><span class="pre">True</span></code>.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.backends.RemoteUserBackend.authenticate"> <code class="descclassname">RemoteUserBackend.</code><code class="descname">authenticate</code>(<em>remote_user</em>)<a class="headerlink" href="#django.contrib.auth.backends.RemoteUserBackend.authenticate" title="Permalink to this definition">¶</a></dt> <dd><p>The username passed as <code class="docutils literal"><span class="pre">remote_user</span></code> is considered trusted. This method simply returns the <code class="docutils literal"><span class="pre">User</span></code> object with the given username, creating a new <code class="docutils literal"><span class="pre">User</span></code> object if <a class="reference internal" href="#django.contrib.auth.backends.RemoteUserBackend.create_unknown_user" title="django.contrib.auth.backends.RemoteUserBackend.create_unknown_user"><code class="xref py py-attr docutils literal"><span class="pre">create_unknown_user</span></code></a> is <code class="docutils literal"><span class="pre">True</span></code>.</p> <p>Returns <code class="docutils literal"><span class="pre">None</span></code> if <a class="reference internal" href="#django.contrib.auth.backends.RemoteUserBackend.create_unknown_user" title="django.contrib.auth.backends.RemoteUserBackend.create_unknown_user"><code class="xref py py-attr docutils literal"><span class="pre">create_unknown_user</span></code></a> is <code class="docutils literal"><span class="pre">False</span></code> and a <code class="docutils literal"><span class="pre">User</span></code> object with the given username is not found in the database.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.backends.RemoteUserBackend.clean_username"> <code class="descclassname">RemoteUserBackend.</code><code class="descname">clean_username</code>(<em>username</em>)<a class="headerlink" href="#django.contrib.auth.backends.RemoteUserBackend.clean_username" title="Permalink to this definition">¶</a></dt> <dd><p>Performs any cleaning on the <code class="docutils literal"><span class="pre">username</span></code> (e.g. stripping LDAP DN information) prior to using it to get or create a <a class="reference internal" href="#django.contrib.auth.models.User" title="django.contrib.auth.models.User"><code class="xref py py-class docutils literal"><span class="pre">User</span></code></a> object. Returns the cleaned username.</p> </dd></dl> <dl class="method"> <dt id="django.contrib.auth.backends.RemoteUserBackend.configure_user"> <code class="descclassname">RemoteUserBackend.</code><code class="descname">configure_user</code>(<em>user</em>)<a class="headerlink" href="#django.contrib.auth.backends.RemoteUserBackend.configure_user" title="Permalink to this definition">¶</a></dt> <dd><p>Configures a newly created user. This method is called immediately after a new user is created, and can be used to perform custom setup actions, such as setting the user’s groups based on attributes in an LDAP directory. Returns the user object.</p> </dd></dl> </div> </div> </div> </div> </div> <div class="yui-b" id="sidebar"> <div class="sphinxsidebar" role="navigation" aria-label="main navigation"> <div class="sphinxsidebarwrapper"> <h3><a href="../../contents.html">Table Of Contents</a></h3> <ul> <li><a class="reference internal" href="#"><code class="docutils literal"><span class="pre">django.contrib.auth</span></code></a></li> <li><a class="reference internal" href="#user">User</a><ul> <li><a class="reference internal" href="#fields">Fields</a></li> <li><a class="reference internal" href="#methods">Methods</a></li> <li><a class="reference internal" href="#manager-methods">Manager methods</a></li> </ul> </li> <li><a class="reference internal" href="#anonymous-users">Anonymous users</a></li> <li><a class="reference internal" href="#permission">Permission</a><ul> <li><a class="reference internal" href="#id1">Fields</a></li> <li><a class="reference internal" href="#id2">Methods</a></li> </ul> </li> <li><a class="reference internal" href="#group">Group</a><ul> <li><a class="reference internal" href="#id3">Fields</a></li> </ul> </li> <li><a class="reference internal" href="#module-django.contrib.auth.signals">Login and logout signals</a></li> <li><a class="reference internal" href="#module-django.contrib.auth.backends">Authentication backends</a><ul> <li><a class="reference internal" href="#available-authentication-backends">Available authentication backends</a></li> </ul> </li> </ul> <h3>Browse</h3> <ul> <li>Prev: <a href="admin/admindocs.html">The Django admin documentation generator</a></li> <li>Next: <a href="contenttypes.html">The contenttypes framework</a></li> </ul> <h3>You are here:</h3> <ul> <li> <a href="../../index.html">Django 1.8.19 documentation</a> <ul><li><a href="../index.html">API Reference</a> <ul><li><a href="index.html"><code class="docutils literal"><span class="pre">contrib</span></code> packages</a> <ul><li><code class="docutils literal"><span class="pre">django.contrib.auth</span></code></li></ul> </li></ul></li></ul> </li> </ul> <div role="note" aria-label="source link"> <h3>This Page</h3> <ul class="this-page-menu"> <li><a href="../../_sources/ref/contrib/auth.txt" rel="nofollow">Show Source</a></li> </ul> </div> <div id="searchbox" style="display: none" role="search"> <h3>Quick search</h3> <form class="search" action="../../search.html" method="get"> <div><input type="text" name="q" /></div> <div><input type="submit" value="Go" /></div> <input type="hidden" name="check_keywords" value="yes" /> <input type="hidden" name="area" value="default" /> </form> </div> <script type="text/javascript">$('#searchbox').show(0);</script> </div> </div> <h3>Last update:</h3> <p class="topless">Mar 10, 2018</p> </div> </div> <div id="ft"> <div class="nav"> « <a href="admin/admindocs.html" title="The Django admin documentation generator">previous</a> | <a href="../index.html" title="API Reference" accesskey="U">up</a> | <a href="contenttypes.html" title="The contenttypes framework">next</a> »</div> </div> </div> <div class="clearer"></div> </div> </body> </html>