I have just started using django-cms to create a website, and I'm generally impressed with what you can do with it out of the box.
However, I want to restrict the viewing of some pages, so that only registered users with a certain attribute or credential, can view restricted pages.
The way I intend to proceed is as follows:
- Introduce a credential system (with expiring date) for users - is there a package that already exists for this, or do I need to write my own?
- Provide a 'page category' attribute for ALL pages in the blog
- Provide a mapping mechanism from 'page category' to credential required to view the page
- Insert logic to check whether current user has the required credential to view the requested page, before displaying the page (if user has the required credential), or directing user to another page if user does not have credentials required.
My question is twofold:
A. Is the problem decomposition I have described above a good way to implement the solution - or is the a better way that involves using existing packages without reinventing the wheel (if so, which packages to use)?
B. If I have to write my own code, could someone please outline best practise approach of how to implement the code - i.e. give a high level view of the steps/workflow to follow to implement the requirements.
[[Side Notes]]
I'm coming from a symfony 1.x development background, and the credential system I envisage above, is inspired from the credential framework in Symfony 1.x
Additionally, Symfony has the concept of messaging and filters, which allows you to insert custom logic in the page request workflow. Does Django have a similar 'filtering' system?