#Custom Authentication

8 messages · Page 1 of 1 (latest)

full axle
#

I am working on a Django project for a client who provides services and wants the authentication method to be through OTP that he set , so that only his intended clients can use it. To implement the same what are the methods available in django , since I am new to the entire web development even the slightest of help is appreciated.

azure canyon
#

OTP isn't the same as two-factor-authentication although they are often used in the same context, you should make sure to know what you actually want to do

full axle
#

So what I actually want is like in sites like Udemy where you log in but don't get access to the course until you pay for it , similarly I want that people accessing the site don't get access to particular parts until they put in the password that is provided by me/admin. If anyone else using the password/otp / alphanumeric series other than the one set by me/admin should not get access to those part of the site

azure canyon
#

hm not sure that describes a use case where OTP would help much. you can control which parts of your pages users can see with some sort of permission system, no need for typing passwords to enter specific non-public areas

full axle
#

ANy good blogpost or tutorial that covers the topic of how to make permision control ?

shell bridge
#

Say the admin wants only specific users to access a course, he/she can add that user to the respective group for that particular course. However, this technique has a big overhead depending on how many courses are there, but still I know the answer lies along this thought process.

You could maybe define a new model with course_id (or unique identifier of whatever resource is there in that application) and user_id as foreign_keys to resource and user model, and together they become a composite primary key.

And grant add/update/delete permissions for this model only to admins/superusers. That way, every user will have access to one specific resource, as allowed by the admin.