Users

HIdP does not provide a concrete user model. Instead, it provides a base user model that you must inherit from in your own user model. This allows you to define a user model that fits your application’s needs while still being able to adhere to the requirements of HIdP.

Model

To create a user model, inherit from hidp.accounts.models.BaseUser, this model provides the fields and methods required by HIdP, Django and Django Admin.

Don’t forget to point AUTH_USER_MODEL in your setting to your custom user model.

class hidp.accounts.models.BaseUser(*args: Any, **kwargs: Any)

Abstract base class that extends Django’s default user model.

password

Hashed password.

Type:

CharField

first_name

Given name, optional

Type:

CharField

last_name

Family name, optional

Type:

CharField

is_active

Whether the user is active (allowed to log in).

Defaults to True.

Type:

BooleanField

is_staff

Whether the user is a staff member (allowed to log into the admin site).

This field is used exclusively by Django’s permissions system and has no special meaning in HIdP. It is recommended to avoid direct use of this field in your application code. Instead, rely on the permissions features provided by Django.

Defaults to False.

Type:

BooleanField

is_superuser

Whether the user is a superuser (allowed to do anything).

This field has no additional meaning in HIdP. It is recommended to avoid direct use of this field in your application code. Instead, rely on Django’s group features to assign specific permissions groups of users.

Defaults to False.

Type:

BooleanField

groups

Groups the user belongs to

Type:

ManyToManyField

user_permissions

Permissions the user has

Type:

ManyToManyField

date_joined

Date and time when the user was created.

Defaults to the current date and time.

Type:

DateTimeField

last_login

Date and time when the user last logged in Populated by Django when the django.contrib.auth.user_logged_in signal is sent.

Defaults to None.

Type:

DateTimeField

Alters the default Django user model with the following modifications

id

Primary key, a version 7 UUID.

Altered:

Was int in the default Django user model.

Type:

UUIDField

email

Email address, case-insensitive, unique and required.

Altered:

Was case-sensitive, not unique and optional in the default Django user model.

Type:

EmailField

username
Altered:

The username field is removed in favor of the email field

Type:

None

Adds the following attributes

email_verified

Date and time when the email address was verified.

Defaults to None.

Type:

DateTimeField

agreed_to_tos

Date and time when the user agreed to the terms of service.

Defaults to None

Type:

DateTimeField

last_modified

Date and time when the user was last modified. Populated by Django when the user is saved.

Defaults to the current date and time.

Type:

DateTimeField

check_password(raw_password)

Check the raw password against the user’s hashed password.

When the password is correct, but uses an outdated hashing algorithm, the password is upgraded to use the latest algorithm.

Will save the user if the password is upgraded.

Parameters:

raw_password (str) – The raw password to be checked.

Returns:

True if the password is correct, False otherwise.

clean()

Normalize the email address by lower-casing the domain part.

Automatically called before saving the user.

email_user(subject, message, from_email=None, **kwargs)

Email this user with the given subject and message.

If from_email is not specified settings.DEFAULT_FROM_EMAIL is used.

Additional keyword arguments are passed to the send_mail function as-is.

Parameters:

  • subject (str) – The subject of the email.

  • message (str) – The message of the email.

  • from_email (str, optional) – The sender’s email address.

get_full_name()

Return the first name and the last name, separated by a space.

Returns:

The full name of the user.

Return type:

str

get_short_name()

Return the first name.

Returns:

The first name of the user.

Return type:

str

has_usable_password()

Check if the user has a usable password.

Returns:

True if the user has a password set and it doesn’t begin with the unusable password prefix.

Return type:

bool

property is_anonymous

Helper property to find out if user is anonymous or authenticated.

bool: Always False. As opposed to always True for AnonymousUser.

property is_authenticated

Helper property to find out if user is anonymous or authenticated.

bool: Always True. As opposed to always False for AnonymousUser.

save(*args, update_fields=None, **kwargs)

Save the user to the database.

Altered:

Always normalizes the email address before saving.

set_password(raw_password)

Set the user’s password field to the hashed value of the raw password.

The user is not saved after setting the password.

Parameters:

raw_password (str) – The raw password to be hashed.

set_unusable_password()

Set the user’s password field to a value that will never be a valid hash.

QuerySet

By inheriting from BaseUser, your user model will also have access to a custom query set implementation that provides some convenience methods for querying users.

class hidp.accounts.models.UserQuerySet(*args: Any, **kwargs: Any)
email_unverified()

Only include users that have not verified their email address.

Returns:

Users that have not verified their email address.

Return type:

QuerySet

email_verified()

Only include users that have verified their email address.

Returns:

Users that have verified their email address.

Return type:

QuerySet

Manager

The manager (objects) of your user model will be an instance of UserManager, which exports the same methods as UserQuerySet and additional methods for creating users inherited from Django’s UserManager.

class hidp.accounts.models.UserManager(*args: Any, **kwargs: Any)

Custom user manager that uses email as the username field.

create_superuser(email, password=None, **extra_fields)

Create a new superuser with the given email and password.

Automatically sets is_staff and is_superuser to True, unless explicitly set otherwise in extra_fields.

Parameters:

  • email (str) – The email address of the user.

  • password (str, optional) – The password of the user.

  • **extra_fields – Additional fields to set on the user.

Returns:

The newly created superuser.

Return type:

User

create_user(email, password=None, **extra_fields)

Create a new user with the given email and password.

Prefer using this method over instantiating the user model directly, as it ensures that the email address is normalized and the password is hashed.

Automatically sets is_staff to False and is_superuser to False, unless explicitly set otherwise in extra_fields.

Parameters:

  • email (str) – The email address of the user.

  • password (str, optional) – The password of the user.

  • **extra_fields – Additional fields to set on the user.

Returns:

The newly created user.

Return type:

User