By Dustin Farris on 22 Feb 2012
This document describes how to share users created using Django's auth system with other Django projects. It is not a hack; it simply makes use of the database router and middleware system that Django comes with out of the box.
There may come a time when you need to share your Django users with another Django project. In my case, I created a subdomain under a new project for handling user-specific tasks, but I wanted the original domain to have access to some data of logged in users, (name, userprofile information, etc...) This document shows how to "reroute" frontend auth and session requests from one Django project to another without breaking the admin for either project.
You must be running Django 1.2 or higher to make use of the new multiple database feature. I'll assume you have all your users in a project running OldWebsite.com, and you would also like to access those same sessions and users from a separate project, NewWebsite.com. Both should have their own databases that are already synced.
Set up a database configuration in the NewWebsite.com project that points to the database housing the users and sessions for NewWebsite.com:
DATABASES = {
'default': {
.
.
.
},
'usersandsessions': {
'ENGINE': ...,
'NAME': ...,
'USER': ...,
'PASSWORD': ...,
'HOST': ...,
'PORT': ...,
},
}Create a file routers.py in your project directory for NewWebsite.com. The middleware is crucial as it determines whether to actually use the router based on whether the user is accessing an admin page or a regular page.
"""
NewWebsite.com's router
Establishes rules to forward user and session db requests
to ExampleA.com unless we are accessing the admin.
"""
import threading
# Object to hold request data
request_cfg = threading.local()
class RouterMiddleware(object):
"""
Sets a flag if we are accessing Django admin to
prevent database rerouting for the auth model.
Removes the flag once the request has been processed.
"""
def process_view(self, request, view_func, args, kwargs):
if request.path.startswith('/admin'):
request_cfg.admin = True
def process_response(self, request, response):
if hasattr(request_cfg, 'admin'):
del request_cfg.admin
class UserSessionRouter(object):
"""
Redirects database IO for the auth and sessions
models to OldWebsite.com.
"""
def db_for_read(self, model, **hints):
if not hasattr(request_cfg, 'admin'):
if model._meta.app_label == 'auth':
return 'usersandsessions'
elif model._meta.app_label == 'accounts':
return 'usersandsessions'
elif model._meta.app_label == 'sessions':
return 'usersandsessions'
return None
def db_for_write(self, model, **hints):
if not hasattr(request_cfg, 'admin'):
if model._meta.app_label == 'auth':
return 'usersandsessions'
elif model._meta.app_label == 'accounts':
return 'usersandsessions'
elif model._meta.app_label == 'sessions':
return 'usersandsessions'
return NoneAdd the router setting to settings.py:
DATABASE_ROUTERS = ['project.routers.UserSessionRouter']And add the middleware at the top of your middleware classes:
MIDDLEWARE_CLASSES = [
'project.routers.RouterMiddleware',
...,
...,
...,
]If you only want to share users then your work is done. If you want to share sessions,
however, you must change one or both of your SECRET_KEY settings to match each other.
Just like the secret keys, the SESSION_COOKIE_DOMAIN setting from OldWebsite.com and
NewWebsite.com must match if you want to share sessions.
That's it. Now when a user logs in at OldWebsite.com, you will have access to
request.user and request.user.get_profile() (if you use it) from both sites until
the user logs out. Accessing NewWebsite.com/admin however will use NewWebsite.com's own
user database. Remember to modify routers.py if you have any special needs.