Logging in to a Django site with a magic token

I have a simple video website for my kids and each kid has a separate login. This is so they can each have their own videos, but also so that some videos can be private (ie. hidden from the outside world, or other logged in users). Typing in a username and password is impossible for my kids to do, as they are almost 5 and 2 years old, and they use this website on Google TV. So, with a magic token-style login, all they need to do is navigate to their bookmark on the Google TV homepage and press OK on the remote control.

(I don't need crazy security--it wouldn't be the end of the world if somehow someone guessed the magic token and saw some private videos, which are basically just home videos uploaded to Youtube. Videos that I really wouldn't want the public to see don't get uploaded to Youtube in the first place.)

I couldn't find how to do this easily, although one person on stackoverflow suggested "logging in the user in the view by calling 'login'". The tricky part was figuring out that I had to set the User object's backend to 'django.contrib.auth.backends.ModelBackend'. It's a bit of a hack, but it works, and it's simple.

class MagicToken(models.Model):
    user = models.OneToOneField(User)
    magictoken = models.CharField(max_length=128, unique=True)
    def __unicode__(self):
        return unicode(self.user)

from django.http import HttpResponse, HttpResponseRedirect, Http404
import django.contrib.auth.login
class MagicTokenLogin(View):
    def get(self, request, token):
            magic_token_obj = MagicToken.objects.get(magictoken=token)
        except MagicToken.DoesNotExist:
            raise Http404
        user = magic_token_obj.user
        user.backend = 'django.contrib.auth.backends.ModelBackend'
        django.contrib.auth.login(request, user)
        if request.user.is_authenticated():
            # login successful
            return HttpResponseRedirect(reverse('some-view-for-logged-in-users'))
            # login failed
            return HttpResponseRedirect(reverse('some-view'))

First thoughts about Django-CMS

I just set up a site using Django-CMS over at Pomme d'Api Preschool. Overall, I am pretty impressed. I really like the Django admin interface enhancements as well as the site overlay editing feature. One of the best things it he use of django-filer, a file management tool to manage all the uploads to the site. It's awesome and it makes me want to throw out this home page completely and switch over to Django-CMS. Image handling in Drupal has always sucked and still does. The fact that there was no official media/image handling in Drupal 6 sucks, and it's made worse by the fact that there is no real upgrade path to Drupal 7 for media/images, especially if you're like me and you used the "Image" and "image-assist" modules, two of the most popular modules dealing with images.

Django-CMS is pretty powerful and so far it has allowed me to do pretty much anything I have wanted to do.

Moving Data from One Database to Another with Django

So I have a django database I'm working on and I decided I wanted to do the development in sqlite3 instead of mysql. I decided to do this because it makes it easier, for example, to have someone else work on HTML/CSS if I can just give them a directory, tell them to run a bash script and go to http://localhost:8000, rather than them having to do all that AND setup a mysql server. Sure, that can also be done with a script, but with sqlite things are just a hell of a lot easier in some ways.

I decided I wanted to take the data out of my mysql database and load it into a sqlite db. Not so simple, you can't just take an SQL dump from mysql and import it into sqlite3. I started Googling around for "mysql to sqlite" and didn't really get anywhere. I then realized that Django can already talk to sqlite and mysql transparently without me having to know any SQL. So I thought about writing my own python modules to do this, but it turns out someone has already done it.

The django-extensions project has a command called "dumpscript" that "Generates a Python script that will repopulate the database using objects. The advantage of this approach is that it is easy to understand, and more flexible than directly populating the database, or using XML." This was exactly what I wanted.


Django Golf Handicap Tracker

[img_assist|nid=361|title=Django Handicap Tracker Screenshot|desc=|link=popup|align=right|width=100|height=77]


Vancouver Sun Parking Tickets Website Screen Scraper

When the Vancouver Sun came out with their Vancouver parking tickets database I immediately had some burning questions, like, did the meter maids work on holidays? Do the work less in the evening than during the day? I found it difficult to answer these questions using their interface, so I decided to screen scrape all 1.6 million parking tickets in to my own MySQL database. This was a bit challenging as they made it difficult to screen scrape the data but eventually it could be done simply by first getting an AppKey, a hidden value inside the HTML source and then doing queries using that AppKey as a parameter. It took about a week to get all 1.6 million tickets downloaded. By using Django, it was easy to get them in to a database and view the results. Initially I just put all the data in to one table, then later I decided to normalize the data a bit which was interesting as I decided to do that in pure SQL which I hadn't done before. I did the scraping itself using a combination of BeautifulSoup, lxml, and mechanize.

vancouver-parking-tickets project at GitHub

MySQL SQL dump (42 MB)

Here's some data:


Django Recipes Application

[img_assist|nid=362|title=Django Recipes Screenshot|desc=|link=popup|align=right|width=98|height=100]

My mom was writing a family cookbook using Microsoft Word and I thought this was a bad idea for several reasons. At first I thought about using LaTeX to separate the style from the content a bit, then I thought about using XML, then I settled on a database as being the most generic to store recipe data. I quickly decided on using Django to create this cookbook framework because Python is probably my strongest language and it makes creating custom websites really easy.


South is amazing

I just started using South and it is awesome. I tried django-evolution and dmigrations before but they just didn't cut it. I'm just working on a project by myself but I have it running on a slicehost server and I do development on my desktop computer or laptop computer and South has made doing data and schema migrations so much easier. I love being able to create migrations on my dev box and then try them out, make sure they worked, check-in the changed code and the migration files, sync the server's code and run ./ migrate and I'm done. I used to do manual SQL operations on both databases, or just overwrite the older with the newer (if possible). I just did two quick model changes (first was adding a new field that I wanted to seed with the data from another field, and the other was just adding a new blank=True CharField) and I felt like it was an order of magnitude faster than before.


Django Applications at Work

Today someone at my work just released a simple Django app, the second one now running at my company. Here are the two Django apps running so far:

Server scanner

This is the first Django application that we use. It started out as a script that would scan all the computers on our network and determine what version of our software they were running by inspecting a special file in one of the publicly available SMB shares. The script took about half an hour to run and generated static html that was then served up by Apache. This became cumbersome for a number of reasons. For one, it took about an hour to scan the entire network. There was no persistence whatsoever so my script had no memory of which servers had our software installed on it. These servers are quick to check. The ones that are slow to check are the ones that are actually no longer on the network, or do not have the publicly available share that we are expecting. When the project manager emailed me one day and said "the servers on this page are often out of date" I sprung in to action and converted it to a Django application. There is a script that scans the network and saves Server instances to an sqlite db. I also used a couple generic views to display a list of servers and to edit a server (to provide a description). Converting to Django from my static html generator gave me a few new features right away: 1) full scans were much quicker because I could scan the servers that actually have the software installed with a higher priority. In another thread, I can look for new servers on the network with a lower priority. There's also the "timesince" filter which is awesome, and the automatically filled DateTime fields for "created" and "updated" when I update a model instance. Not to mention ModelForms and generic views which allowed me to get this up and running quickly. The best part is that each server entry has a description entry, where people can put a note like "DO NOT TOUCH THIS SERVER" or "Dave's server, please feel free to play around on it".

Task tracker

This web app is for the software developers to keep track and inform other of what they are working on. Up until we haven't really had anything of the kind, save for e-mail and a bug tracker. Typically software developers send weekly reports to team members. This involves typing one up or constantly opening up an email draft. Either way, other team members can't see what the person is working on in real-time. So one of the members of our Python Club got interested in Django and wrote this up very quickly. He used YUI which is awesome and he just released it to a wider audience today.

Build website - in progress

This is a new one that is in progress. Currently, each build generates a folder structure containing the result of the build along with a bunch of log files and a bunch of other junk. A perl script scans these folders periodically and generates static HTML (at least I think that's how it works, I don't work on it so I don't know the details). My boss is in the process of creating some Django models. The main table is a table called Build. Then his HTML will be generated from Django templates. That is the biggest advantage of moving to Django here, in my opinion, is that he can use templates rather than HTML generation by a perl script. Having the information in a database is nice but not required. He will get some advantages from having the database though. He'll have some other tables, such as BuildServer, Release, and Product that the Build server will contain ForeignKeys to to allow filtering the builds based on these ForeignKeys. Also the build manager (someone other than my boss who is designing the Django part) will be able to use the admin interface to add new Releases, BuildServers, etc...


This apps were implemented extremely quickly and are far better than all the crappy SAP and SharePoint-based web applications used at work and the other simpler web pages around that I think are mostly static HTML or ASP. It will be interesting to see if it catches on. I had this master to plan to re-implement our entire employee performance review site (which is a particularly crappy SAP app) in Django but there are too many hurdles. We'd need to hook in to the existing SAP user tables somehow and also use the existing authentication mechanisms. But a demonstration app using the basic functionality wouldn't be that hard, and then we could worry about the hard bits later after it got approval. The existing employee performance review site is REALLY bad.

Anyways, I just thought it was cool how quickly Django has been adopted for a few simple projects at a company that is for the most part a Microsoft shop. People do use OSS here but there is a bit of a tendency to use Microsoft solutions and a bit of Not-Invented-Here syndrome as well.

Awesome Talk by Adrian Holovaty at Vancouver Python User Group

Adrian Holovaty gave a talk to the Vancouver Python User's Group tonight. Really nice, funny presentation. His plane was late so while we waited for him we watched his talk at Snakes and Rubies. He showed us some of the new features coming in Django. The neatest thing for me was this new thing he's been working on called "databrowse". It's really awesome. Also the forms stuff is a lot nicer now in the newforms library. Someone asked about migration with Django and how to modify the schema once your app is up and running. It was neat to watch him add a column to his database and watch how he did it. It's unbelievable how many apps this guy has written and with Django it is so fast. Some of the stuff he has been doing for the Washington Post is pretty cool.


Adrian Holovaty Talk and Django Jam in Vancouver

This Sunday, the Vancouver/Zope User's Group (maybe the Zope part should be removed? sorry guys) is having a "Django Jam", a hands-on session where you can see how to create some simple applications or perhaps here some people talk about things they have developed in Django. Unfortunately the two applications I am working on are immature right now and I don't have a laptop, but I'll be there checking out what other people have done.

Tuesday is even more exciting as Adrian Holovaty, the lead Django developer/founder is going to give a talk to the Python User's group while he is in town for another conference. If you are interested in web frameworks (especially simple ones done in a cool language) come and check it out.

Vancouver DjangoJam.

Full invite text follows:

Django is the Python-based web framework used at companies like
Google, the Washington Post and St. Joseph Media (publishers of
Canadian Life magazine).

"Vandjangojam" is a great opportunity to learn Django or learn more
about it. In addition to a quick introduction to Django, the jam will
feature a Q&A; session with the lead programmer of it.


Introduction to The Django Web Framework : Sunday, February 4, 2007, 1-4

We'll discuss the basics of creating applications in Django, walking
through some simple applications hands-on.

Location: Most likely Sophos Vancouver or Uniserve. RSVP to if you intend to come and we will inform you of the
location when it is confirmed.


Adrian Holovaty: The Django Web Framework: Tuesday, February 6, 2007, 7-9

Adrian will offer some thoughts about its unique features and answer
questions from the audience.

Adrian Holovaty is the lead developer of the Django Web Framework.
Adrian and his peers invented Django while working at World Online, a
highly-renowned news Web operation in Lawrence, Kansas. His team's
pioneering work on interactive journalism won numerous awards and was
described in The New York Times, NPR and IT Conversations. Currently,
Adrian is editor of editorial innovations at Washingtonpost.Newsweek
Interactive ( His job involves coming up with
ideas for site improvements and special projects, and implementing

Vancouver Python User Group Talk on Python Web Frameworks (Django, Turbogears) - October 3, 2006

Vancouver's Python and Zope User Group will be having a talk on Python web frameworks, ie. Django and Turbogears at their upcoming meeting on October 3rd. I'm looking forward to learning about web frameworks in general a bit more and perhaps what differentiates them from each other and from Ruby on Rails.

Subscribe to RSS - django