The least painful and indeed Django-recommended way of doing this is through a OneToOneField(User)
property.
…
If you wish to store information related to User
, you can use a one-to-one relationship to a model containing the fields for additional information. This one-to-one model is often called a profile model, as it might store non-auth related information about a site user.
That said, extending django.contrib.auth.models.User
and supplanting it also works...
Some kinds of projects may have authentication requirements for which Django’s built-in User
model is not always appropriate. For instance, on some sites it makes more sense to use an email address as your identification token instead of a username.
[Ed: Two warnings and a notification follow, mentioning that this is pretty drastic.]
I would definitely stay away from changing the actual User class in your Django source tree and/or copying and altering the auth module.
As pointed out in this answer, Django 1.9 added the Field.disabled attribute:
The disabled boolean argument, when set to True, disables a form field using the disabled HTML attribute so that it won’t be editable by users. Even if a user tampers with the field’s value submitted to the server, it will be ignored in favor of the value from the form’s initial data.
With Django 1.8 and earlier, to disable entry on the widget and prevent malicious POST hacks you must scrub the input in addition to setting the readonly
attribute on the form field:
class ItemForm(ModelForm):
def __init__(self, *args, **kwargs):
super(ItemForm, self).__init__(*args, **kwargs)
instance = getattr(self, 'instance', None)
if instance and instance.pk:
self.fields['sku'].widget.attrs['readonly'] = True
def clean_sku(self):
instance = getattr(self, 'instance', None)
if instance and instance.pk:
return instance.sku
else:
return self.cleaned_data['sku']
Or, replace if instance and instance.pk
with another condition indicating you're editing. You could also set the attribute disabled
on the input field, instead of readonly
.
The clean_sku
function will ensure that the readonly
value won't be overridden by a POST
.
Otherwise, there is no built-in Django form field which will render a value while rejecting bound input data. If this is what you desire, you should instead create a separate ModelForm
that excludes the uneditable field(s), and just print them inside your template.
Best Answer
You can use the
db.rename_column
function.The first argument of
db.rename_column
is the table name, so it's important to remember how Django creates table names:In the case where you have a multi-worded, camel-cased model name, such as ProjectItem, the table name will be
app_projectitem
(i.e., an underscore will not be inserted betweenproject
anditem
even though they are camel-cased).