/django-wordpress-auth

Django integration with Wordpress's authentication and roles / capabilities system.

Primary LanguagePython

Django WordPress Auth

Introduction

Allows for access in Django to a WordPress installation for checking for things like login status and roles / capabilities.

Requirements

Python Dependencies:

WordPress Dependencies:

Alternatives to Root Cookie

If you are receiving warnings using root Cookie, please see this issue for alternative solutions.

Installation

Add your WordPress's auth keys and salts (found in wp-config.php) to your settings.py.

The WORDPRESS_LOGGED_IN_KEY value comes from your Wordpress installations

define('LOGGED_IN_KEY',    'rs&^D%jPdu=vk|VVDsdfsdgsdgsdg9sd87f98s7h[Xm$3gT/@1xdas');

while WORDPRESS_LOGGED_IN_SALT value comes from

define('LOGGED_IN_SALT',   '3]x^n{d8=su23902iu09jdc09asjd09asjd09jasdV-Lv-OydAQ%?~');
WORDPRESS_LOGGED_IN_KEY = "rs&^D%jPdu=vk|VVDsdfsdgsdgsdg9sd87f98s7h[Xm$3gT/@1xdasd"
WORDPRESS_LOGGED_IN_SALT = "3]x^n{d8=su23902iu09jdc09asjd09asjd09jasdV-Lv-OydAQ%?~"

Add your WordPress database to DATABASES in settings.py.

DATABASES = {
    'default': {
        ... # default django DB
    },
    'wordpress': {  # must be named 'wordpress'
        'ENGINE': 'django.db.backends.mysql',
        'NAME': 'wordpress',
        'USER': '...',
        'PASSWORD': '...',
        'HOST': '...',
        'PORT': 3306,
    }
}

Add the middleware to MIDDLEWARE_CLASSES in settings.py. Make sure it's placed somewhere after the session middleware.

MIDDLEWARE_CLASSES = (
    'django.contrib.sessions.middleware.SessionMiddleware',
    # ...
    'wordpress_auth.middleware.WordPressAuthMiddleware',
)

Add the context_processors to TEMPLATES in settings.py.

TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                # ...
                'wordpress_auth.utils.wordpress_context_processor'
            ],
        },
    },
]

Finally, add wordpress_auth to INSTALLED_APPS.

INSTALLED_APPS = (
    # ...
    'wordpress_auth',
)

Usage

To restrict a view to a certain role, simply wrap the view in the wordpress_requires_role decorator.

from wordpress_auth.decorators import wordpress_requires_role

@wordpress_requires_role('my_role')
def my_view():
    pass

You can restrict a view to a capability as well.

from wordpress_auth.decorators import wordpress_requires_capability

@wordpress_requires_capability('my_capability')
def my_view():
    pass

Finally, the middleware provides access to the WordPress user via request.wordpress_user.

See models.py for full reference. Some of the redundant naming conventions in the WordPress database have been made simpler as well.