First you must turn on authentication for the web application. This is done in the Application Settings section by checking "Security on pages" and pressing save.


Security on pages settings and what they mean

Security on pages: Turns the authentication module on and off. You need this turned on if you want to set restrictions on pages or use session variables.
Default security: A blank setting means that there is no default, so no authentication is needed if nothing is set on the pages. Web means that at least a standard user is needed on the page. Internal means that you have to be a staff user to be able to see the page.
Default security group: Security groups are an extra level of security that can be used on pages and in pages to make groups of users, typically customers, partners, us etc. There are no default groups when you start DG3; they have to be added using the /admin/ interface described later.
End session on browser close: This setting controls whether your session ends when you exit the browser. By default this is turned on. This means that the user has to log in again if the browser window is closed and opened again.
Session timeout in minutes: This is how long your session is valid without using any page. When the time is up you will be automatically logged out. The default is fairly long (14 days) to make using DG3 applications less painful than most other solutions. If you are making a very secure system, you might want to make the timeout smaller, e.g. 60 minutes.
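
The security-relevant consequence of a blank Default security is that any page without its own setting is public. The following Python model of the rules above is an added example, not DG3 code: the User fields match the live text items listed on this page, while the page dictionary keys, the lowercase level names and the rule that a security group requires a logged-in member are assumptions.

```python
# Model of the "Default security" rules described above. Not DG3 code:
# every name here and the page inventory are constructed for illustration.
from dataclasses import dataclass

LEVELS = ("", "web", "internal")  # blank, Web, Internal


@dataclass(frozen=True)
class User:
    is_authenticated: bool = False
    is_active: bool = True
    is_staff: bool = False
    groups: frozenset = frozenset()


def can_view(user, page, default_level="", default_group=""):
    # A page's own setting wins; the default applies when the page sets nothing.
    level = page.get("level") or default_level
    group = page.get("group") or default_group
    if level not in LEVELS:
        raise ValueError(f"unknown security level: {level!r}")
    if not level and not group:
        return True  # nothing set anywhere: no authentication needed
    if not (user.is_authenticated and user.is_active):
        return False  # assumption: an inactive account counts as logged out
    if level == "internal" and not user.is_staff:
        return False  # Internal: staff users only
    return not group or group in user.groups  # assumption: group means membership


def public_pages(pages, default_level="", default_group=""):
    """Audit helper: URLs an anonymous visitor can open under these defaults."""
    anonymous = User()
    return sorted(url for url, page in pages.items()
                  if can_view(anonymous, page, default_level, default_group))


# Constructed inventory: "/drafts/" was never given a setting of its own.
PAGES = {
    "/": {},
    "/orders/": {"level": "web"},
    "/reports/": {"level": "internal"},
    "/partners/": {"group": "partners"},
    "/drafts/": {},
}

if __name__ == "__main__":
    print(public_pages(PAGES))                       # blank default
    print(public_pages(PAGES, default_level="web"))  # Web default
```

With a blank default the forgotten "/drafts/" page is listed as public; with Web as the default, nothing is reachable without a login.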

Activate the security

To activate the security, you have to rebuild the application. This installs all authentication-related pages and modules. It can also be done from the application section, by clicking the "rebuild the web application" icon.

Now you should see a number of new pages in the page browser. In this document we will take a look at how to use login and logout and how to change the look of them. In the next few documents we will also have a look at advanced features such as password change and password reset by mail link, but first we have to create the first super user that can manage other users: you.

How to create your super user for the system

When you are confident that you have rebuilt the application and that all the templates and code for authentication have been added, you can create the first user. This is done by clicking the "create internal user" icon found in the application settings section. This will open a command shell asking you for a name, email and password x 2.

Now you can create and edit new users by using the admin interface in the DG3 application. This is the one delivered by the underlying Django application framework that the authentication module comes from. The only change made in the DG3 version is that you are able to use either the username or the email address for logging in. The admin interface can be found by adding /admin/ to the server URL.

How to use the out of the box authentication in your application

Login and logout come as two custom code pages. You can link to them by adding the relative URL in any page in your application.

Login: /authentication/login/ opens the login form.
Logout: /authentication/logout/ logs out the current user.
Admin: /admin/ sends you to the admin interface, where you can manage users and rights.

Extra livetext that you can use on your page

When you have activated authentication, each page will have a few extra live text items added that can be used in the form [{ user.field }].

username: The username given when the user is registered. If no username is given, the username will be the same as the email.
email: The registered email address.
first_name: The registered first name.
last_name: The registered last name.
is_authenticated: True if the user is authenticated.
is_active: True if the user has status active.
is_staff: True if the user is a staff user.
is_superuser: True if the user is a super user.
last_login: Last time the user logged in.
date_joined: When the user was created.

Example of how to show a different menu for logged-in and not-logged-in users in a direct template:

{% if user.is_authenticated %}
  <li><a href="/authentication/userprofile/">{{ user.email }}</a></li>
  <li class="dropdown">
    <a href="#" class="dropdown-toggle" data-toggle="dropdown">Actions <b class="caret"></b></a>
    <ul class="dropdown-menu">
      <li><a href="/authentication/logout/">Logout</a></li>
      <li><a href="/authentication/passwordchange/">Change password</a></li>
    </ul>
  </li>
{% else %}
  <li><a href="/authentication/passwordreset/">Need new password</a></li>
  <li><a href="/authentication/login/">Login</a></li>
{% endif %}

There are more links that can be used to let your users change their password and even get a password reset by mail. These are described in separate documents.