CHAPTER 15

User Authentication, Integrating Third-

Party Plugins, and Mocking with JavaScript

Our beautiful lists site has been live for a few days, and our users are starting to come

back to us with feedback. “We love the site”, they say, “but we keep losing our lists.

Manually remembering URLs is hard. It’d be great if it could remember what lists we’d

started”.

Remember Henry Ford and faster horses. Whenever you hear a user requirement, it’s

important to dig a little deeper and think—what is the real requirement here? And how

can I make it involve a cool new technology I’ve been wanting to try out?

Clearly the requirement here is that people want to have some kind of user account on

the site. So, without further ado, let’s dive into authentication.

Naturally we’re not going to mess about with remembering passwords ourselves—be‐

sides being

so

’90s, secure storage of user passwords is a security nightmare we’d rather

leave to someone else. We’ll use a federated authentication system instead.

(If you

insist

on storing your own passwords, Django’s default auth module is ready and

waiting for you. It’s nice and straightforward, and I’ll leave it to you to discover on your

own.)

In this chapter, we’re going to get pretty deep into a testing technique called “mocking”.

Personally, I know it took me a few weeks to really get my head around mocking, so

don’t worry if it’s confusing at first. In this chapter we do a lot of mocking in JavaScript.

In the next chapter we’ll do some mocking with Python, which you might find a little

easier to grasp. I would recommend reading both of them through together, and just

letting the whole concept wash over you; then come back and do them again, and see

if you understand all of the steps a little better on the second round.

241