Should we use django authentication for all users of a site?

I have just started developing a bookstore site with Django and I have a question about user authentication. I want users to have a wallet, shopping cart and additional information for their account such as profile picture, phone number, address, etc. to buy books.

And now I am faced with the dilemma of whether to change the User model itself, or create a Profiles model for each and link it to the User model, or create a separate model (in other words, the authentication system) and do everything from scratch.

Now I have started building a separate authentication system. Everything was going well until I had problems in sending and receiving user data in the template contexts.

Finally, in general, I want to know if Django authentication system is really suitable for all users of a site?


Django is one of the most battle-hardened and well tested 'batteries-included' frameworks out there, so the built-in Authentication is more than acceptable. The Docs have an overview, with a guide on how to extend.

You can make an assessment of 3rd party packages relating to authentication here, and make a judgement as to whether or not any of these packages are suited to your e-commerce use-case.

With regards to your User model, its widely considered best practice to begin your project with a custom user model (i.e. before your first migration). The official docs even state this, however some people still prefer the 'old' way of doing this, which is to create a separate 'one-to-one' profile model.

Here is a tutorial about beginning a project with a custom User model. Here is one about changing mid-project.