@jvzammit
Last active August 29, 2015 14:04
Steps:

1. Unit test changes

Rework all unit test data creation to use the create_test_user function in noodleauth.tests.data, which accepts optional parameters that override the default field values used to create the test user. Once this effort is complete, the rest of the team should start using this function to create users within unit tests. Unit tests then won't be affected by "internal" noodleauth changes ("internal" in this context means changes that are within the immediate app only).

2. Actual noodleauth app changes

  • fix current standards-non-compliant code (including camelCased variables/field/class names)
  • assess how to remove extendedData field
    • TODO
  • retain nice_key but dispose of noodle_key
  • rework NoodleUsers to UserProfile table
    • options:
      1. use username from django.contrib.auth.models.User instead of the current NoodleUsers class
      • if still relying on email for user identification, retain the current substitution of the User model, but still rename variables (i.e. stop using username for a variable that actually stores an email address!)
    • model as 1:1 relationship auth.User <=> noodleauth.models.Profile or noodleauth.User <=> noodleauth.models.Profile instead of what's being currently done, in order to separate user profile related info from user authentication related info
  • investigate the logic behind the set_default_singly_password function
    • this stuff should be happening in the singly authentication backend, i.e. noodleauth.auth_backend.SinglyAuthBackend
    • TODO: get an overview of how this singly process works, and move any singly-specific logic/artefacts out of the noodleauth.models class, which should house only the generic user profile applicable to all backends
  • after @jcalazan reworks the default hasher for passwords to work internally exactly as in AbstractBaseUser password management
    • try to remove all password handling logic out of noodleauth.models and relocate it in the auth backend it belongs to
  • class AdminRole
    • this class is practically redundant because auth.User has both is_active and is_admin, which practically "group" permissions (AbstractBaseUser also has is_active, so if the default User model is substituted, only is_admin would require re-definition)
    • TODO: discuss with @rlepore

3. Other apps changes

Coding approaches outside App:

  • Advice 16.1 in TSOD: in code outside the app, always use Django's tools to retrieve the user model:
>>> from django.contrib.auth import get_user_model
>>> get_user_model()
<class 'django.contrib.auth.models.User'>
  • Use settings.AUTH_USER_MODEL for Foreign Keys to User (recommended by Django docs):
from django.conf import settings
...
owner = models.OneToOneField(settings.AUTH_USER_MODEL)
  • change unit tests to use the fastest hasher, i.e. put this in settings.test (should reduce the current test suite's execution time by at least half):
PASSWORD_HASHERS = (
    'django.contrib.auth.hashers.MD5PasswordHasher',
)
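
A guard for the hasher override above, as an added example that is not part of the original gist: Django stores new passwords with the first entry of PASSWORD_HASHERS and uses the remaining entries only to verify existing hashes, so the MD5 override must never reach non-test settings. The function name audit_hashers and the sample tuples are assumptions made for illustration; the hasher class names are real ones from django.contrib.auth.hashers.

```python
# Added example: stdlib-only audit of a Django PASSWORD_HASHERS value.
# audit_hashers and the sample tuples below are hypothetical names;
# the hasher classes are real ones from django.contrib.auth.hashers.
PREFIX = "django.contrib.auth.hashers."

# Hashers that are cheap to compute: fine for tests, unsafe for stored passwords.
FAST_HASHERS = {
    PREFIX + name
    for name in (
        "MD5PasswordHasher",
        "SHA1PasswordHasher",
        "UnsaltedMD5PasswordHasher",
        "UnsaltedSHA1PasswordHasher",
        "CryptPasswordHasher",
    )
}


def audit_hashers(hashers, is_test_settings=False):
    """Return (severity, message) findings for a PASSWORD_HASHERS sequence."""
    if is_test_settings:
        # The fast hasher is the whole point of the test override.
        return []
    findings = []
    for position, path in enumerate(hashers):
        if path not in FAST_HASHERS:
            continue
        if position == 0:
            # First entry: every new or changed password is stored with it.
            findings.append(("error", path + " is the default hasher"))
        else:
            # Later entry: existing hashes of this type are still accepted.
            findings.append(("warning", path + " is accepted as a fallback"))
    return findings


# Constructed sample settings values.
TEST_SETTINGS = (PREFIX + "MD5PasswordHasher",)
PROD_OK = (PREFIX + "PBKDF2PasswordHasher", PREFIX + "BCryptSHA256PasswordHasher")
PROD_LEAKED = TEST_SETTINGS  # test override picked up by production by mistake
PROD_LEGACY = (PREFIX + "PBKDF2PasswordHasher", PREFIX + "MD5PasswordHasher")

if __name__ == "__main__":
    for name in ("TEST_SETTINGS", "PROD_OK", "PROD_LEAKED", "PROD_LEGACY"):
        print(name, audit_hashers(globals()[name], name == "TEST_SETTINGS"))
```

Run it in CI against the PASSWORD_HASHERS value of each non-test settings module and fail the build on any "error" finding.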