websauna.system.user.usermixin module¶

Default user model field definitions.

This module defines what fields the default user implementation can have. You can subclass these mixins and then provide your own implementation for concrete models.

class websauna.system.user.usermixin.ActivationMixin[source]¶

Bases: object

Sign up / forgot password activation code reference.

code = Column(None, String(length=32), table=None, nullable=False, default=ColumnDefault(<function ActivationMixin.<lambda>>))¶

created_at = Column(None, UTCDateTime(), table=None, default=ColumnDefault(<function now>))¶: When this group was created.

expires_at = Column(None, UTCDateTime(), table=None, nullable=False)¶: All activation tokens must have expiring time

id = Column(None, Integer(), table=None, primary_key=True, nullable=False)¶: Running counter id

is_expired()[source]¶: The activation best before is past and we should not use it anymore.

updated_at = Column(None, UTCDateTime(), table=None, onupdate=ColumnDefault(<function now>))¶: When the group was updated last time. Please note that this does not concern group membership, only desription updates.

websauna.system.user.usermixin.DEFAULT_USER_DATA = {'first_login': True, 'full_name': None, 'registration_source': None, 'social': {}}¶: Initialze user_data JSONB structure with these fields on new User

class websauna.system.user.usermixin.GroupMixin[source]¶

Bases: object

Basic fields for Websauna default group model.

DEFAULT_ADMIN_GROUP_NAME = 'admin'¶: Assign the first user initially to this group

created_at = Column(None, UTCDateTime(), table=None, default=ColumnDefault(<function now>))¶: When this group was created.

description = Column(None, String(length=256), table=None)¶: Human readable description of the group

group_data = Column(None, JSONB(astext_type=Text()), table=None, default=ColumnDefault(<function dict>))¶: Extra JSON data to be stored with this group

id = Column(None, Integer(), table=None, primary_key=True, nullable=False)¶: Running counter id of the group

name = Column(None, String(length=64), table=None, nullable=False)¶: Human readable / machine referrable name of the group

updated_at = Column(None, UTCDateTime(), table=None, onupdate=ColumnDefault(<function now>))¶: When the group was updated last time. Please note that this does not concern group membership, only desription updates.

uuid = Column(None, UUID(as_uuid=False), table=None, default=ColumnDefault(<function uuid4>))¶: Publicly exposable ID of the group

class websauna.system.user.usermixin.SiteCreator[source]¶

Bases: object

Component responsible for setting up an empty site on first login.

The site creator is run by the activation of the first user. This either happens¨

When the activation email is sent to the first user
When the first user logs through social media account

check_empty_site_init(dbsession, user)[source]¶: Call after user creation to see if this user is the first user and should get initial admin rights.

init_empty_site(dbsession, user)[source]¶

When the first user signs up build the admin groups and make the user member of it.

Make the first member of the site to be admin and superuser.

class websauna.system.user.usermixin.UserGroupMixin[source]¶

Bases: object

Map users to groups.

id = Column(None, Integer(), table=None, primary_key=True, nullable=False)¶

class websauna.system.user.usermixin.UserMixin[source]¶

Bases: object

A user who signs up with email or with email from social media.

This mixin provides the default required columns for user model in Websauna.

The user contains normal columns and then user_data JSON field where properties and non-structured data can be easily added without migrations. This is especially handy to store incoming OAuth fields from social networks. Think Facebook login data and user details.

activated_at = Column(None, UTCDateTime(), table=None)¶: When this user was activated: email confirmed or first social login

can_login()[source]¶

Is this user allowed to login.

Return type: bool

created_at = Column(None, UTCDateTime(), table=None, default=ColumnDefault(<function now>))¶: When this account was created

email = Column(None, String(length=256), table=None)¶

enabled = Column(None, Boolean(name='user_enabled_binary'), table=None, default=ColumnDefault(True))¶: Is this user account enabled. The support can disable the user account in the case of suspected malicious activity.

first_login¶: Is this the first login the user manages to do to our system. If this flag is set the user has not logged in to the system before and you can give warm welcoming experience.

property friendly_name¶

How we present the user’s name to the user itself.

Picks one of 1) full name if set 2) username if set 3) email.

Return type: str

full_name¶: Full name of the user (if given)

generate_username()[source]¶

The default username we give for the user.

In the format user-{id}.

Return type: str

hashed_password = Column('password', String(length=256), table=None)¶: Stores the password + hash + cycles as password hasher internal format.. By default uses Argon 2 format. See websauna.system.Initializer.configure_password()

id = Column(None, Integer(), table=None, primary_key=True, nullable=False)¶: Running counter id of the user

is_activated()[source]¶

Has the user completed the email activation.

Return type: bool

is_admin()[source]¶

Does this user the see the main admin interface link.

TODO: This is very suboptimal, wasted database cycles, etc. Change this.

Return type: bool

is_in_group(name)[source]¶

Return type: bool

is_valid_session(session_created_at)[source]¶

Check if the current session is still valid for this user.

Return type: bool

last_auth_sensitive_operation_at = Column(None, UTCDateTime(), table=None, default=ColumnDefault(<function now>))¶: Store when this user changed the password or authentication details. Updating this value causes the system to drop all sessions which were created before this moment. E.g. you will kick out all old sessions on a password or email change.

last_login_at = Column(None, UTCDateTime(), table=None)¶: When this user accessed the system last time. None if the user has never logged in (only activation email sent). Information stored for the security audits.

last_login_ip = Column(None, INET(length=50), table=None)¶: From which IP address did this user log in from. If this IP is null the user has never logged in (only activation email sent). Information stored for the security audits. It is also useful for identifying the source country of users e.g. for localized versions.

registration_source¶: How this user signed up to the site. May include string like “email”, “facebook” or “dummy”. Up to the application to use this field. Default social media logins and email sign up set this.

social¶: Social media data of the user as a dict keyed by user media

updated_at = Column(None, UTCDateTime(), table=None, onupdate=ColumnDefault(<function now>))¶: When the account data was updated last time

user_data = Column(None, JSONB(astext_type=Text()), table=None, default=ColumnDefault({'full_name': None, 'registration_source': None, 'first_login': True, 'social': {}}))¶: Misc. user data as a bag of JSON. Do not access directly, but use JSONBProperties below

username = Column(None, String(length=256), table=None)¶: Though not displayed on the site, the concept of “username” is still preversed. If the site needs to have username (think Instragram, Twitter) the user is free to choose this username after the sign up. Username is null until the initial user activation is completed after db.flush() in create_activation().

uuid = Column(None, UUID(as_uuid=False), table=None, default=ColumnDefault(<function uuid4>))¶: Publicly exposable ID of the user