Auth - pai-plznw4me/django-initializer GitHub Wiki

Django Auth

๋‹ค๋ฃจ๋Š” ์ฃผ์ œ

  • user accounts
  • groups
  • permissions
  • cookie-based user sessions.

Terms

Authentication : ๋กœ๊ทธ์ธ
Authorization : ๊ถŒํ•œ
Auth = Authentication + Authorization
(๊ถŒํ•œ ๋ถ€์—ฌ๋Š” ์‚ฌ์šฉ์ž์˜ ์‹ ์›์ด ์„ฑ๊ณต์ ์œผ๋กœ ์ธ์ฆ ๋œ ํ›„์— ๋ฐœ์ƒํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋Ÿผ ์ธ์ฆ๊ณผ ๊ถŒํ•œ ๋ถ€์—ฌ, ์ด ๋‘˜์— ๋Œ€ํ•ด ์ข€ ๋” ์ž์„ธํžˆ ์‚ดํŽด๋ณด๊ฒ ์Šต๋‹ˆ๋‹ค.)

Auth์— ๋Œ€ํ•ด ์ž˜ ์„ค๋ช…๋œ ๋ธ”๋กœ๊ทธ

Django Auth ์‹œ์Šคํ…œ์—์„œ ์ œ๊ณตํ•˜๋Š” ๊ธฐ๋Šฅ๋“ค

Users

  • Permissions: Binary (yes/no) flags designating whether a user may perform a certain task.

  • Groups : A generic way of applying labels and permissions to more than one user.

  • A configurable password hashing system

  • Forms and view tools for logging in users, or restricting content

  • A pluggable backend system

  • Password strength checking

  • Throttling of login attempts (๋กœ๊ทธ์ธ ์‹œ๋„๊ฐ€ ๋งŽ์•„์ง€๋ฉด ๋กœ๊ทธ์ธ์„ ๋ชปํ•˜๊ฒŒ ํ•˜๋Š” ๊ธฐ๋Šฅ)

  • Authentication against third-parties (OAuth, for example)

  • Object-level permissions

Auth ๊ธฐ๋ณธ ๊ฐœ๋…

  • Django Auth ๋„ App ์ด๋‹ค.

    • App ๊ณ ์œ ์˜ urlconf, view, model ์„ ๊ฐ€์ง€๊ณ  ์žˆ๋‹ค. auth app ๋„ ๊ฐ€์ง€๊ณ  ์žˆ๋‹ค.

  • Django auth ์˜ ํ•ต์‹ฌ ์ ์ธ ๊ธฐ๋Šฅ์€ User Model ์ด๋‹ค.

  • ์œ ์ €๋ฅผ ๋งŒ๋“œ๋Š” ๋ฐฉ๋ฒ•(ํšŒ์›๊ฐ€์ž…)

  • ๋น„๋ฐ€๋ฒˆํ˜ธ ๋ณ€๊ฒฝ ๋ฐฉ๋ฒ•

Reference

mozila django tutorial 08