Django Windows Authentication

Question

Similar to this question:

How to use windows authentication to connect to MS SQL server from windows workstation in another domain with Python

My current database configurations looks like this:

   'default': {
        'ENGINE': "sql_server.pyodbc",
        'HOST': "myServer\server1",
        'USER': "myUserName",
        'PASSWORD': "myPassWord",
        'NAME': "myDB"

However, I would like to pass through Windows Authentication so that I can keep track of who is making changes to the DB. I have Windows Authentication enabled through IIS, so users are prompted to login when they visit my app. I have tried this, but it did not work:

   'default': {
        'ENGINE': "sql_server.pyodbc",
        'HOST': "myServer\server1",
        'trusted_connection': 'yes'
        'NAME': "myDB"

Is there a way to pass through windows authentication to the Django database settings?

Have you seen this? https://stackoverflow.com/questions/26881344/django-authenticate-using-logged-in-windows-domain-user — Andrey Shipilov, May 24 '19 at 04:51

score 0 · Answer 1 · answered Aug 17 '20 at 20:17

I am not sure that you can use your client's window username as the authenticator to a trusted connection to SQL Server.

If you set your Web App to using AD authentication(trusted connection) like Windows Authentication, your Web App will use the windows account that is hosting your Web App on your server to connect to your SQL Server.

To accomplish tracking what user made what edits to a table in SQL Server... If you are tracking who is making edits to tableA:

Create an additional column to tableA, and call it UpdatedBy that stores nvarchar(255) datatype
Whenever your Web App make changes to a record in tableA, make sure to update [UpdatedBy] for the same record, with your client's window username

score 0 · Answer 2 · answered Jan 07 '21 at 11:26

Check out this module https://pypi.org/project/django-windowsauth/

You can use this module to integrate Windows Authentication into your Django Project through IIS.

Then, you can add a create_by / updated_by field to any model you desire.

from django.contrib.auth.models import get_user_model()
from django.db import models

class Author(models.Model):
    name = models.CharField(max_length=200)
    created_by = models.ForeignKey(get_user_model(), on_delete=models.CASCADE)

    # ...

Using the user from the request context, you can set the field like this:

from django.contrib.auth.mixins import LoginRequiredMixin
from django.views.generic.edit import CreateView
from myapp.models import Author

class AuthorCreate(LoginRequiredMixin, CreateView):
    model = Author
    fields = ['name']

    def form_valid(self, form):
        form.instance.created_by = self.request.user
        return super().form_valid(form)

https://docs.djangoproject.com/en/3.1/topics/class-based-views/generic-editing/#models-and-request-user

or using DRF like this:

class YourView(generics.ListCreateAPIView):
    ...
    def perform_create(self, serializer):
        serializer.save(user=self.request.user)

How to set current user to user field in Django Rest Framework?

Same applies to update_by field, though I suggest you take a look at this great module https://pypi.org/project/django-simple-history/

Django Windows Authentication

2 Answers2