Python for Entrepreneurs Transcripts
Chapter: User accounts and identity
Lecture: Concept: Account class
0:02 Here is the account class we created, it's called Account, obviously,
0:06 and it derives from SqlAlchemyBase and it has a __tablename__
0:09 that matches the type name, just like all of our entities do,
0:13 we're going to give it an id, a created date, whether or not that user is a super user
0:17 and then the ability to log in via email and a password, remember, hashed password.
0:23 Now, the id is a little bit different, remember we didn't want to leak
0:27 how many users we had or let people poke around by guessing their user id, right,
0:33 like "mine is 100, what's at 101? Who knows,
0:36 let's go poke around and see if we can find that."
0:39 So we are making this a string, and we created a default function,
0:42 which is a lambda that just returns the uuid4 as text,
0:47 so it'll be a nice big alphanumeric thing that we can't guess easily
0:52 and of course don't forget to set it to be the primary key.
0:55 We also might want to run reports on "hey, how many users were created today?
1:00 How many users were created this year?" and so on.
1:03 So we created a datetime column, now in my demo I realized I created a date,
1:07 not a datetime and I went and updated it, notice, we probably want the minutes,
1:10 hours, minutes and seconds, so datetime, not date
1:13 and then we are going to set that to be the default of datetime.datetime.now
1:18 without parenthesis, OK?
1:20 Then we want to give a little bit of permissions management,
1:25 very basic to our account here, and whether or not this user is a super user
1:29 and they have access to do all sorts of interesting additional high-privilege things
1:34 in our site or if they are just a regular user
1:37 and they could only access what regular users can do.
1:40 So we set that as a boolean but by default it's False,
1:43 we also wanted this to give the ability to log in, so basically
1:48 as far as the user is concerned, their credentials are their email address,
1:52 don't need a name and an email, if you are going to get an email anyway
1:55 just use that as the user id. Or as their ability to log in, right.
2:00 So have their email here, and of course that has to be unique,
2:04 we want to do searches by it, so index is True, and it can't be null.
2:08 Also, we're not going to store the password,
2:11 we're going to store the password hash as a string,
2:13 it's very important to not store passwords,
2:15 and we'll talk about a couple of solutions on this.