custom auth backend

core/auth_backends.py

@@ -0,0 +1,29 @@
+from __future__ import annotations
+
+from typing import TYPE_CHECKING
+
+from django.contrib.auth.backends import ModelBackend
+from django.contrib.auth.models import Permission
+
+if TYPE_CHECKING:
+    from core.models import User
+
+
+class SithModelBackend(ModelBackend):
+    """Custom auth backend for the Sith.
+
+    In fact, it's the exact same backend as `django.contrib.auth.backend.ModelBackend`,
+    with the exception that group permissions are fetched slightly differently.
+    Indeed, django tries by default to fetch the permissions associated
+    with all the `django.contrib.auth.models.Group` of a user ;
+    however, our User model overrides that, so the actual linked group model
+    is [core.models.Group][].
+    Instead of having the relation `auth_perm --> auth_group <-- core_user`,
+    we have `auth_perm --> auth_group <-- core_group <-- core_user`.
+
+    Thus, this backend make the small tweaks necessary to make
+    our custom models interact with the django auth.
+    """
+
+    def _get_group_permissions(self, user_obj: User):
+        return Permission.objects.filter(group__group__users=user_obj)

sith/settings.py

@@ -290,6 +290,7 @@ STORAGES = {
 # Auth configuration
 AUTH_USER_MODEL = "core.User"
 AUTH_ANONYMOUS_MODEL = "core.models.AnonymousUser"
+AUTHENTICATION_BACKENDS = ["core.auth_backends.SithModelBackend"]
 LOGIN_URL = "/login"
 LOGOUT_URL = "/logout"
 LOGIN_REDIRECT_URL = "/"