Python for Entrepreneurs Transcripts
Chapter: User accounts and identity
Lecture: Concept: Account class

Learn more about this course
Login or purchase this course to watch this video and the rest of the course contents.
0:02 Here is the account class we created, it's called Account, obviously, and it derives from SqlAlchemyBase and it has a __tablename__
0:10 that matches the type name, just like all of our entities do, we're going to give it an id, a created date, whether or not that user is a super user
0:18 and then the ability to log in via email and a password, remember, hashed password.
0:24 Now, the id is a little bit different, remember we didn't want to leak
0:28 how many users we had or let people poke around by guessing their user id, right, like "mine is 100, what's at 101? Who knows,
0:37 let's go poke around and see if we can find that." So we are making this a string, and we created a default function,
0:43 which is a lambda that just returns the uuid4 as text, so it'll be a nice big alphanumeric thing that we can't guess easily
0:53 and of course don't forget to set it to be the primary key. We also might want to run reports on "hey, how many users were created today?
1:01 How many users were created this year?" and so on. So we created a datetime column, now in my demo I realized I created a date,
1:08 not a datetime and I went and updated it, notice, we probably want the minutes, hours, minutes and seconds, so datetime, not date
1:14 and then we are going to set that to be the default of datetime.datetime.now without parenthesis, OK?
1:21 Then we want to give a little bit of permissions management, very basic to our account here, and whether or not this user is a super user
1:30 and they have access to do all sorts of interesting additional high-privilege things in our site or if they are just a regular user
1:38 and they could only access what regular users can do. So we set that as a boolean but by default it's False,
1:44 we also wanted this to give the ability to log in, so basically as far as the user is concerned, their credentials are their email address,
1:53 don't need a name and an email, if you are going to get an email anyway just use that as the user id. Or as their ability to log in, right.
2:01 So have their email here, and of course that has to be unique, we want to do searches by it, so index is True, and it can't be null.
2:09 Also, we're not going to store the password, we're going to store the password hash as a string, it's very important to not store passwords,
2:16 and we'll talk about a couple of solutions on this.


Talk Python's Mastodon Michael Kennedy's Mastodon