Authentication is always a PITA to handle when developing a webapp. It usually implies the user creating one more account to access the new resource, or the setup of complex services like LDAP.
In a scenario where the app will be used by a specific group, (like a company) the django-auth-imap can be really handy. It uses the existing IMAP server to authenticate users from your application.
This way you don't have to add a new service (like ldap), your user don't have to create another account, and most important: you don't have to store passwords in your system. Your user will be able to login simply using his company e-mail credentials.
The best part? It's dead simple to make your app authenticate against a IMAP server:
pip install django_auth_imap
AUTHENTICATION_BACKENDS = ( 'django_auth_imap.backend.IMAPBackend', )
IMAP_AUTH_HOST = 'imap.gmail.com'
IMAP_AUTH_ALLOWED_USERS = ["*"] IMAP_DOMAIN = "google.com" IMAP_AUTH_ADMIN = ["firstname.lastname@example.org", "email@example.com"]
These rules will allow anyone whose email address ends in google.com to login in your app. The users "sergey.brin" and "larry.page" will also be able to login at admin interface and will be considered as django superusers.comments powered by Disqus