Django + django-neomodel & Authentication


I'm new here and at the start of building a django based backend for my app. I've played around with the neo4j desktop edition and find the way data and relations are stored very intuitive.

My current thoughts are to use django-neomodel to act as the glue between django and neo4j. I keep getting stuck on random things, the current of which is

  • Can the django auth data be kept in neo4j or do I need to configure an additional (more traditional) database along with neo4j to handle that
  • If yes any pointers?
  • Would adding social auth via python-social-auth (via social-app-django) mess with the setup?

maybe my search/google skills aren't too good but it'd be awesome if the community could recommend some good up to date repos for me to reference!

Thank you in advance for all assistance!

Welcome the community Asterix! I'm not fully spun up on django-neomodel but a quick look at the docs shows it being installed as a Django app. and the auth data being kept in an environment variable like:

NEOMODEL_NEO4J_BOLT_URL = os.environ.get('NEO4J_BOLT_URL', 'bolt://neo4j:test@localhost:7687')

# Make sure django_neomodel comes before your own apps
    # django.contrib.auth etc

You can see that it's calling environment variables for the connection and I'm sure it would do the same for your password. So I would say you're auth data should be kept in an environment variable on the Django side of your app. Hopefully that gets you pointed in the right direction.


I think he was talking of the place to store the django users and password, not the auth to neo.
The doc you mention says to comment django.contrib.auth etc.
This should say that users will be in the neo4j database.

I tried to do this, but it failed

So I'm curious to read more info on this topic too.


I don't know if it would be a good idea to use Neo4j to replace django.contrib.auth just yet as there's substantial security work behind auth that you probably don't want to make a mistake trying to reimplement.

You could still subclass django.contrib.auth.AbstractBaseUser and then have a relationship in a "glue"-link manner, with your corresponding :User node.

Then it would depend on what you want to use permissions for what your implementation would be after that.

Even though I haven't tried this, it should be doable.