custom user models for admin login

docker-compose.yml

@@ -15,6 +15,8 @@ services:
       - REDIS_HOST=archivist-redis
       - HOST_UID=1000
       - HOST_GID=1000
+      - TA_USERNAME=tubearchivist
+      - TA_PASSWORD=verysecret
     depends_on:
       - archivist-es
       - archivist-redis

run.sh

@@ -15,7 +15,9 @@ done
 
 python manage.py makemigrations
 python manage.py migrate
-python manage.py createsuperuser --noinput
+export DJANGO_SUPERUSER_PASSWORD=$TA_PASSWORD && \
+    python manage.py createsuperuser --noinput --name "$TA_USERNAME"
+
 python manage.py collectstatic --noinput -c
 nginx &
 celery -A home.tasks worker --loglevel=INFO &

tubearchivist/config/settings.py

@@ -23,7 +23,7 @@ BASE_DIR = Path(__file__).resolve().parent.parent
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/3.2/howto/deployment/checklist/
 
-PW_HASH = hashlib.sha256(environ.get("DJANGO_SUPERUSER_PASSWORD").encode())
+PW_HASH = hashlib.sha256(environ.get("TA_PASSWORD").encode())
 SECRET_KEY = PW_HASH.hexdigest()
 
 # SECURITY WARNING: don't run with debug turned on in production!
@@ -109,6 +109,8 @@ AUTH_PASSWORD_VALIDATORS = [
     },
 ]
 
+AUTH_USER_MODEL = "home.Account"
+
 
 # Internationalization
 # https://docs.djangoproject.com/en/3.2/topics/i18n/

tubearchivist/home/admin.py

@@ -1,3 +1,36 @@
-from django.contrib import admin  # noqa: F401 - Unused import
+"""custom admin classes"""
 
-# Register your models here.
+from django.contrib import admin
+from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
+
+from .models import Account
+
+
+class HomeAdmin(BaseUserAdmin):
+    """register in admin page"""
+
+    list_display = ("name", "is_staff", "is_superuser")
+    list_filter = ("is_superuser",)
+
+    fieldsets = (
+        (None, {"fields": ("is_staff", "is_superuser", "password")}),
+        ("Personal info", {"fields": ("name",)}),
+        ("Groups", {"fields": ("groups",)}),
+        ("Permissions", {"fields": ("user_permissions",)}),
+    )
+    add_fieldsets = (
+        (
+            None,
+            {"fields": ("is_staff", "is_superuser", "password1", "password2")},
+        ),
+        ("Personal info", {"fields": ("name",)}),
+        ("Groups", {"fields": ("groups",)}),
+        ("Permissions", {"fields": ("user_permissions",)}),
+    )
+
+    search_fields = ("name",)
+    ordering = ("name",)
+    filter_horizontal = ()
+
+
+admin.site.register(Account, HomeAdmin)

tubearchivist/home/models.py

@@ -1,3 +1,53 @@
-from django.db import models  # noqa: F401 - Unused import
+"""custom models"""
+from django.contrib.auth.models import (
+    AbstractBaseUser,
+    BaseUserManager,
+    PermissionsMixin,
+)
+from django.db import models
 
-# Create your models here.
+
+class AccountManager(BaseUserManager):
+    """manage user creation methods"""
+
+    use_in_migrations = True
+
+    def _create_user(self, name, password, **extra_fields):
+        """create regular user private"""
+        values = [name, password]
+        field_value_map = dict(zip(self.model.REQUIRED_FIELDS, values))
+        for field_name, value in field_value_map.items():
+            if not value:
+                raise ValueError(f"The {field_name} value must be set")
+
+        user = self.model(name=name, **extra_fields)
+        user.set_password(password)
+        user.save(using=self._db)
+        return user
+
+    def create_user(self, name, password):
+        """create regular user public"""
+        return self._create_user(name, password)
+
+    def create_superuser(self, name, password, **extra_fields):
+        """create super user"""
+        extra_fields.setdefault("is_staff", True)
+        extra_fields.setdefault("is_superuser", True)
+
+        if extra_fields.get("is_staff") is not True:
+            raise ValueError("Superuser must have is_staff=True.")
+        if extra_fields.get("is_superuser") is not True:
+            raise ValueError("Superuser must have is_superuser=True.")
+
+        return self._create_user(name, password, **extra_fields)
+
+
+class Account(AbstractBaseUser, PermissionsMixin):
+    """handle account creation"""
+
+    name = models.CharField(max_length=150, unique=True)
+    is_staff = models.BooleanField(default=False)
+    objects = AccountManager()
+
+    USERNAME_FIELD = "name"
+    REQUIRED_FIELDS = ["password"]