Django Admin and Public Access

I have a project, which is heavily data-oriented. It already contains admin site, where trusted people can edit models and do any kind of actions required. That is fine and it works.

Now my next job is to pretty much do the same thing, but in a limited fashion for regular users on a normal website with pretty design.
That basically means for the most part completely duplicating backend functionality of django admin, but with different templates. Another potentially huge difference is, some of models can be created anonymously even when user is not logged in.

So I am naturally thinking - what if I used django admin as a backend and only created templates for it?
I would have to:

  • Hack it a bit to get it working without login, because it just expects user.
  • Override ModelAdmin and AdminSite get_urls to get only urls I want and/or modify their paths.
  • Override some of the stuff a bit heavier to customize them (for example customize success/error message when model is edited/saved, etc.).
  • Create my own templates.

Besides huge saved amount of work, there are definitely some risks/cons.

  • Performance? Not optimized for big data amounts (but with only a few columns, paginations, using “only” in querysets I think it should be fine).
  • Security?

I have a working prototype, which pretty much does what I need. It is a bit hacky, but it could work. I would like to hear more opinions on this approach before I make decision on how to move forward - if “admin” way or the traditional way with my own custom views.

I would recommend creating your own views and not use the admin for regular access. It is designed to be a database access tool for developers (and other technical users) and not for regular users.

It will lead to simpler code to maintain in future, rather than understanding the current hacks you have done with the admin.

1 Like

When in doubt, do what the docs suggest.

Quoting directly from The Django admin site | Django documentation | Django

The admin’s recommended use is limited to an organization’s internal management tool. It’s not intended for building your entire front end around.

Don’t do it.

1 Like