Defining two different extension to the User model

Question

class CustomerProfile(models.Model):
    user = models.ForeignKey(User, unique=True)
    gender = models.CharField(max_length=1,blank=True)
    zip_code = models.IntegerField()

class StoreProfile(models.Model):
    user = models.ForeignKey(User, unique=True)
    phone_number = models.IntegerField()

I would like to be able to login/authenticate a User either as a "store" or a "customer".

1. Is there a way to make this work with the above model?

2. I will also be looking at the @login_required decorator to differentiate between store that is logged in and a customer. Any advice on how to proceed?

Answer 1

I would like to be able to login/authenticate a User either as a "store" or a "customer".

Is there a way to make this work with the above model?

Yes, but.

http://docs.djangoproject.com/en/1.2/topics/auth/#storing-additional-information-about-users

If you want to use the automatic features, you get one (single) Profile class object associated with a User.

If you don't want to use the automatic profile features, it will work just fine. You won't be able to use the AUTH_PROFILE_MODULE setting or the get_profile() method of a User. You'll be forced to write a lot of

try:
    CustomerProfile.objects.get( user=request.user )
except CustomerProfile.DoesNotExist:
    # hmmm.  Must be a Store, not a Customer.

It's not too bad, since it's mostly going to be one generic function to fetch the related profile "the hard way".

I will also be looking at the @login_required decorator to differentiate between store that is logged in and a customer. Any advice on how to proceed?

1. Add a save() method to each class which checks for the existence of the object object. If you attempt to create a CustomerProfile for a User, the CustomerProfile.save() will check for a StoreProfile and raise an exception if it exists.

   The two relationships are exclusive. You need to assure this in your various models.

2. Write two decorators, you'll be happier. They have a fair amount of overlap, but it's nicer to write many simple parameter-free decorators than to work up an uber-decorator.

   @customer_required and @store_required. Each will do what @login_required does as well as determine which relationship with the User has a record. customer_required must check for a CustomerProfile relationship with the User. store_required checks for a StoreProfile relationship with the user.

---

http://docs.djangoproject.com/en/1.2/topics/auth/#groups

On the other hand, you have Groups defined within Django. I'd recommend that you make use of the groups and the group names instead of trying to have super-fancy profiles like this.

Have one "master" Profile with all the attributes.

Use the Django Group table to define your various roles ("User", "Store") and allocate users to groups correctly.

Then check for the Group Name in your @store_required and @customer_required authorization decorators.