Logging in to a Django site with a magic token

I have a simple video website for my kids and each kid has a separate login. This is so they can each have their own videos, but also so that some videos can be private (ie. hidden from the outside world, or other logged in users). Typing in a username and password is impossible for my kids to do, as they are almost 5 and 2 years old, and they use this website on Google TV. So, with a magic token-style login, all they need to do is navigate to their bookmark on the Google TV homepage and press OK on the remote control.

(I don't need crazy security--it wouldn't be the end of the world if somehow someone guessed the magic token and saw some private videos, which are basically just home videos uploaded to Youtube. Videos that I really wouldn't want the public to see don't get uploaded to Youtube in the first place.)

I couldn't find how to do this easily, although one person on stackoverflow suggested "logging in the user in the view by calling 'login'". The tricky part was figuring out that I had to set the User object's backend to 'django.contrib.auth.backends.ModelBackend'. It's a bit of a hack, but it works, and it's simple.

models.py:

class MagicToken(models.Model):
    user = models.OneToOneField(User)
    magictoken = models.CharField(max_length=128, unique=True)
 
    def __unicode__(self):
        return unicode(self.user)

views.py:

from django.http import HttpResponse, HttpResponseRedirect, Http404
import django.contrib.auth.login
 
class MagicTokenLogin(View):
    def get(self, request, token):
        try:
            magic_token_obj = MagicToken.objects.get(magictoken=token)
        except MagicToken.DoesNotExist:
            raise Http404
 
        user = magic_token_obj.user
        user.backend = 'django.contrib.auth.backends.ModelBackend'
        django.contrib.auth.login(request, user)
        if request.user.is_authenticated():
            # login successful
            return HttpResponseRedirect(reverse('some-view-for-logged-in-users'))
        else:
            # login failed
            return HttpResponseRedirect(reverse('some-view'))

Comments

I am first time here; this is very nice and gives in depth information. I will definitely come back to more times in this year for submit more post. Keep trying to make best. Thanks for approving.

I think this blog is one of the best platforms to get updated with the latest information. This is such an extraordinary asset; I have thoroughly enjoyed reading your points and have come to the conclusion that you are right about many of them. You are great.

I wanted to comment & say that I enjoyed reading your posts & they are all very well written out and like to keep on visiting this site once again. I found it very interesting things in this post. I must say a very well written and informative post and really appreciate your effort. Thanks a lot

I wanted to comment & say that I enjoyed reading your posts & they are all very well written out and like to keep on visiting this site once again. I found it very interesting things in this post. I must say a very well written and informative post and really appreciate your effort. Thanks a lot

This is such a great resource that you are providing and you give it away for free. I love seeing blog that understand the value. Im glad to have found this post as its such an interesting one! I am always on the lookout for quality posts and articles so i suppose im lucky to have found this! I hope you will be adding more in the future...
pescadolimon.com

Exactly what I was looking for thanks ! Its a great article I will use this all the time !
hoverboard

Fantastic goods from you, man. I have consider your stuff previous to and you are simply too fantastic.
I actually like what you've bought here, certainly like
what you are stating and the way in which through which you assert
it. You are making it entertaining and you continue to take care of to stay it wise.
I can't wait to read much more from you. That is actually a terrific site.

Also visit my web-site; 1

I was searching a site like this, because I found all information here. Your all articles are amazing and i enjoy to read your all blogs and I would really like to read your new articles.

Pages

Add new comment