django.contrib.auth has User and Group models. I’m using the User model for my users, and the Group model to manage their broad permissions (access to admin site, access logs, etc).
I also have my own Client model (representing a business client corporate entity). Let’s say I’m going to have many clients, and I don’t want them to see each other’s data.
Do I:
- Create foreign keys in the data models pointing to the
Client, extend theUsermodel with a foreign key to theClientand check that theUserand the data models both point to the sameClientbefore allowing data access? - Extend the data models to point to the
Group, and check that theUserand data models point to the sameGroupbeforing allowing data access? - 1-to-1 relationship between
UserandUserProfile, and then foreign key fromUserProfiletoClient? - Something else?
My preference is to avoid extending anything in django.contrib.auth because it’s probably going to break upgrades and middleware.