Django - Auth with mongoengine DB

Question

I want to handle authentications in my Django project with my mongoengine db.

I tried a few examples about this stuff answered in old questions but it didn't run. I'm using Django 1.6 and mongoengine. Everything is installed, running and I can create and save documents to my Mongoengine DB.

I'm following http://mongoengine-odm.readthedocs.org/en/latest/django.html

And i get the following error:

When i run:

>>> from django.contrib.auth.models import User
>>> user = User.objects.create_user('john', 'lennon@thebeatles.com', 'johnpassword')

I get this:

Traceback (most recent call last):
  File "<console>", line 1, in <module>
  File "/REBORN/reb_env/local/lib/python2.7/site-packages/django/db/models/manager.py", line 273, in __get__
    self.model._meta.object_name, self.model._meta.swapped
AttributeError: Manager isn't available; User has been swapped for 'mongo_auth.MongoUser'
>>> 

I really don't understand 2 things:

-Do I must create and define the database where the users will be stored or they will be created automatically?

-What is Manager? I haven't defined any manager stuff

At the beggining i thought that the register was saved in a db. callled 'mongo_auth.MongoUser' but it didn't save it in nowhere.

Here is the models:

# Create your models here.
from mongoengine import *

class Profile(Document):
    email = StringField(required=True)
    first_name = StringField(max_length=50)
    last_name = StringField(max_length=50)

class auth_user(Document):
    username = StringField(max_length=50)
    email = StringField(max_length=50)
    password = StringField(max_length=50)

The settings.py is properly configured as the manual says.

EDIT @cestDiego:

My settings are exactly the same, I've noticed about the Db backend because it creates me a database which am not interested because I use mongo...Anyway I'm ussing from mongoengine.django.auth import User now but when I try to create an User it returns me :

>>> user = User.objects.create_user('john', 'lennon@thebeatles.com', 'johnpassword')
Traceback (most recent call last):
  File "<console>", line 1, in <module>
AttributeError: 'QuerySet' object has no attribute 'create_user'

Maybe we are customizing the auth and that's why not work, no idea. Do you have this problem too ?

SECOND EDIT:

I was reading and we have to use Djangos auth, after configure the right settings, as both we have done.

Then must import the from django.contrib.auth import authenticate and use authenticate as it is provided in Django docs, hope to help ;D.

from django.shortcuts import render
# Create your views here.
from django.http import HttpResponse
from game.models import *
from mongoengine import *
from models import User
from django.contrib.auth import authenticate

def login(request):
        user = authenticate(username='john', password='secret')
        if user is not None:
            # the password verified for the user
            if user.is_active:
                print("User is valid, active and authenticated")
            else:
                print("The password is valid, but the account has been disabled!")
        else:
            # the authentication system was unable to verify the username and password
            print("The username and password were incorrect.")

Answer 1

Hey I'm in the same situation as you are. As I can figure out you have these in the settings.py

AUTH_USER_MODEL = 'mongo_auth.MongoUser'
MONGOENGINE_USER_DOCUMENT = 'mongoengine.django.auth.User'

And this in the installed apps

'mongoengine.django.mongo_auth'

This means that now you are using the Mongoengine authentication method, The first line you are using imports the DJANGO authentication method, so there's the problem. You are not creating any databases in mongodb, but in the dummy one you have set up with the backend.dummy in the ORM of Django.

I don't know how to use mongoengine's auth method, if you figure it out please explain it to me too ;) I hope I clarified you a little about the problem we both face here. It's just a matter of reading more profoundly the docs.

EDIT: (1 minute after the answer) I found this in the documentation you linked to:

MongoEngine includes a Django authentication backend, which uses MongoDB. >The User model is a MongoEngine Document, but implements most of the >methods and attributes that the standard Django User model does - so the >two are moderately compatible.

so that means that in your case, swap the

from django.contrib.auth import User

to

from mongoengine.django.auth import User

Answer 2

I solve the problem

In Django 1.6...

My settings.py looks like this:

"""
Django settings for prova project.

For more information on this file, see
https://docs.djangoproject.com/en/1.6/topics/settings/

For the full list of settings and their values, see
https://docs.djangoproject.com/en/1.6/ref/settings/
"""

# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
import os
BASE_DIR = os.path.dirname(os.path.dirname(__file__))


# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/1.6/howto/deployment/checklist/

# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = '^%r&tw5_steltu_ih&n6lvht0gs(0p#0p5z0br@+#l1o(iz_t6'

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True

TEMPLATE_DEBUG = True

ALLOWED_HOSTS = []


# Application definition

INSTALLED_APPS = (
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'django.contrib.sessions',
)

MIDDLEWARE_CLASSES = (
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
)

ROOT_URLCONF = 'prova.urls'

WSGI_APPLICATION = 'prova.wsgi.application'


# Database
# https://docs.djangoproject.com/en/1.6/ref/settings/#databases

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.dummy'
    }
}
AUTHENTICATION_BACKENDS = (
    'mongoengine.django.auth.MongoEngineBackend',
)
SESSION_ENGINE = 'mongoengine.django.sessions'
SESSION_SERIALIZER = 'mongoengine.django.sessions.BSONSerializer'
# Internationalization
# https://docs.djangoproject.com/en/1.6/topics/i18n/

LANGUAGE_CODE = 'en-us'

TIME_ZONE = 'UTC'

USE_I18N = True

USE_L10N = True

USE_TZ = True


# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/1.6/howto/static-files/

STATIC_URL = '/static/'

and my views.py looks like:

from django.shortcuts import render
# Create your views here.
from django.http import HttpResponse
from game.models import *  
from mongoengine import *
#from django.contrib.auth import authenticate
from mongoengine.django.auth import User

def login(request):
    connect('reborn')
    from django.contrib.auth import login
    from mongoengine.django.auth import User
    from mongoengine.queryset import DoesNotExist
    from django.contrib import messages
    try:
        user = User.objects.get(username='bob')#request.POST['username'])
        if user.check_password('bobpass'):#request.POST['password']):
            user.backend = 'mongoengine.django.auth.MongoEngineBackend'
            print login(request, user)
            request.session.set_expiry(60 * 60 * 1) # 1 hour timeout
            print "return"
            return HttpResponse("LOGUEJAT")#redirect('index')
        else:
            print "malament"
            messages.add_message(request,messages.ERROR,u"Incorrect login name or password !")
    except DoesNotExist:
        messages.add_message(request,messages.ERROR,u"Incorrect login name or password !")
    return render(request, 'login.html', {})

def logout(request):#NOT TESTED
    from django.contrib.auth import logout
    logout(request)
    return redirect('login')

def createuser(request): 
    connect('reborn')
    User.create_user('boba','bobpass','bobsaget@fullhouse.gov')
    return HttpResponse("SAVED")

now the user object is saved in DB like:

{
    "_id" : ObjectId("53465fa60f04c6552ab77475"),
    "_cls" : "User",
    "username" : "boba",
    "email" : "bobsaget@fullhouse.gov",
    "password" : "pbkdf2_sha256$12000$ZYbCHP1K1kDE$Y4LnGTdKhh1irJVktWo1QZX6AlEFn+1daTEvQAMMehA=",
    "is_staff" : false,
    "is_active" : true,
    "is_superuser" : false,
    "last_login" : ISODate("2014-04-10T09:08:54.551Z"),
    "date_joined" : ISODate("2014-04-10T09:08:54.550Z"),
    "user_permissions" : [ ]
}

Answer 3

I could not reproduce the error message you are getting, @Bugfixer. I assume it is happening because you have AUTH_USER_MODEL set on your settings, this entry should be in your settings only if you have a custom user model.

Will try to put in this answer exactly what I did to make it run with a custom user model on which I add a favorites array:

settings.py

from mongoengine import *

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.dummy',
    }
}

AUTHENTICATION_BACKENDS = (
    'mongoengine.django.auth.MongoEngineBackend',
    ...
)

INSTALLED_APPS = (
    'django.contrib.auth',
    'mongoengine.django.mongo_auth',
    ....
)

SESSION_ENGINE = 'mongoengine.django.sessions'

AUTH_USER_MODEL=('mongo_auth.MongoUser')
MONGOENGINE_USER_DOCUMENT = 'MyAwesomeApp.app.models.CustomUser'

models.py

from mongoengine.django.auth import User
from mongoengine import *

class CustomUser(User):

    """Extend mongoengine User model"""
    favorites = ListField(ReferenceField(MyReferencedModel, dbref=False))

    USERNAME_FIELD = 'username'
    REQUIRED_FIELDS = () #must be list or tuple

    def toJSON(self):
        fav_list = []

        for f in self.favorites:                
            fav_list.append(f.toJSON())

        userJSON = {}
        userJSON['id'] = str(self.pk)
        userJSON['favorites'] = fav_list
        userJSON['email'] = str(self.email)
        userJSON['last_name'] = str(self.last_name)
        userJSON['first_name'] = str(self.first_name)
        userJSON['username'] = str(self.username)
        return simplejson.dumps(userJSON)

views.py

from MyAwesomeApp.app.models import CustomUser

#util
def extractDataFromPost(request):
    rawData = request.body.replace('false', 'False')
    rawData = rawData.replace('true', 'True')
    rawData = rawData.replace('null', 'None')
    return eval(rawData)  

#util
def jsonResponse(responseDict):
    return HttpResponse(simplejson.dumps(responseDict), mimetype='application/json')

def createUser(request):
    data = extractDataFromPost(request)

    email = data["email"]
    password = data["password"]
    user_type = data["user_type"]

    try: 
        user = CustomUser.objects.get(username=email)
        return jsonResponse({'error':True, 'message': 'Email já cadastrado'})
    except CustomUser.DoesNotExist:
        user = CustomUser.create_user(email, password, email)
        user.favorites = []
        user.save()
        user = authenticate(username=email, password=password)
        user.backend = 'mongoengine.django.auth.MongoEngineBackend'
        login(request, user)
        request.session.set_expiry(3600000) # 1 hour timeout
        del user.password
        return HttpResponse(simplejson.dumps(user.toJSON())) 

Let me know if you have any trouble.

Regards