Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How can I disable Django's admin in a deployed project, but keep it for local development?

Tags:

python

django

I am currently working in a Django project for which I need access to the admin area for local development, but want to disable it in the deployed site (for security reasons, among others).

How can I achieve this programmatically (ie using settings.py).

Many thanks.

like image 804
Rui Vieira Avatar asked Jan 30 '11 20:01

Rui Vieira

People also ask

How do I restrict admin in Django?

Django admin allows access to users marked as is_staff=True . To disable a user from being able to access the admin, you should set is_staff=False . This holds true even if the user is a superuser. is_superuser=True .

Can I use Django admin in production?

Django's Admin is amazing. A built-in and fully functional interface that quickly gets in and allows data entry is priceless. Developers can focus on building additional functionality instead of creating dummy interfaces to interact with the database.

What is the purpose of the admin site in a Django project?

The Django admin application can use your models to automatically build a site area that you can use to create, view, update, and delete records. This can save you a lot of time during development, making it very easy to test your models and get a feel for whether you have the right data.

2 Answers

First, establish a scheme so that your production server can have different settings than your development servers. A simple way to do that is with a source-control-ignored local_settings.py file, but there are many fancier ways to do it.

Then, in your settings.py file, put:

ADMIN_ENABLED = True

and in your production-only settings file, put:

ADMIN_ENABLED = False

Then in your urls.py:

if settings.ADMIN_ENABLED:     urlpatterns += patterns('',         (r'^admin/(.*)', include(admin.site.urls)),         # ..maybe other stuff you want to be dev-only, etc...         )
like image 59
Ned Batchelder Avatar answered Sep 27 '22 19:09

Ned Batchelder

Extending @NedBatchelder 's answer, you might want to use proper if statement, like this:

if settings.ADMIN_ENABLED is True:     ...

And also remove 'django.contrib.admin' from INSTALLED_APPS = [...], and use the same condition:

if settings.ADMIN_ENABLED is True:     INSTALLED_APPS.append('django.contrib.admin')

This way the module wont be loaded, and for eg. collectstatic wont copy unnecessary static files used only in admin (fonts, images, css, js).

like image 20
madneon Avatar answered Sep 27 '22 17:09

madneon
Sign in to Comment

Related questions

Use pytesseract OCR to recognize text from an image
Do we really need @staticmethod decorator in python to declare static method
How does exec work with locals?
python numpy roll with padding
PyAudio working, but spits out error messages each time
Numpy Vector (N,1) dimension -> (N,) dimension conversion
Defining SQLAlchemy enum column with Python enum raises "ValueError: not a valid enum"
Django query filter combining AND and OR with Q objects don't return the expected results
Best way to add an environment variable in fabric?
Truth value of empty set
Reading the PDF properties/metadata in Python
Using Python Requests: Sessions, Cookies, and POST
Is the golden ratio defined in Python?
Repeat Rows in Data Frame n Times [duplicate]
how to create local own pypi repository index without mirror?
How to stop a function
XGBoost XGBClassifier Defaults in Python
Get a unique computer ID in Python on windows and linux
Imshow subplots with the same colorbar
Python garbage collection

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!