This is only a simple backend and isn't really useful beyond an example. More experienced users may want to skip this step
For this example we are going to check to see if a user matching the username exists and that the password is their username in reverse.
So, assuming you have a user called admin, the following would be correct;
# import the User object from django.contrib.auth.models import User # Name my backend 'MyCustomBackend' class MyCustomBackend: # Create an authentication method # This is called by the standard Django login procedure def authenticate(self, username=None, password=None): try: # Try to find a user matching your username user = User.objects.get(username=username) # Check the password is the reverse of the username if password == username[::-1]: # Yes? return the Django user object return user else: # No? return None - triggers default login failed return None except User.DoesNotExist: # No user was found, return None - triggers default login failed return None # Required for your backend to work properly - unchanged in most scenarios def get_user(self, user_id): try: return User.objects.get(pk=user_id) except User.DoesNotExist: return None
AUTHENTICATION_BACKENDS = ( 'path.to.your.MyCustomBackend', )
You might have
'project.backend.MyCustomBackend' - this could be
backend.py in your project file, with a class name of
Yes, security wise this is pretty pointless, but its demonstrating how a simple authentication backend works.