Django Login As

0.3.14 · active · verified Sat Apr 11

django-loginas is a Django app that integrates a "Log in as user" button directly into the Django user administration page. This allows superusers or authorized staff to quickly impersonate other user accounts for testing or support purposes. The library is currently at version 0.3.14 and maintains a regular release cadence with updates addressing bug fixes, new features, and Django version compatibility.

Warnings

breaking Python 2 support was dropped in versions 0.3.7 and 0.3.8. If your project still relies on Python 2, you must use django-loginas version 0.3.6 or earlier.
Fix: Upgrade to Python 3.x to use versions 0.3.7+ or pin django-loginas to 0.3.6 for Python 2 projects.
breaking For Django 3.2 and newer, the `loginas.urls` must be included in your `urls.py` *before* `admin.site.urls`. Failing to do so will prevent the 'Log in as user' button from working correctly.
Fix: Ensure `path('admin/', include('loginas.urls'))` appears before `path('admin/', admin.site.urls)` in your `urlpatterns`.
gotcha By default, django-loginas prevents superusers from logging in as other superusers to avoid privilege escalation. If you need this functionality, you must temporarily demote the target superuser.
Fix: Temporarily remove superuser status from the target user before logging in as them, then restore it afterwards.
deprecated The `log_action` function, used for logging admin actions, was deprecated in Django 6.0. Version 0.3.13 of django-loginas includes a fix for this deprecation.
Fix: Upgrade django-loginas to version 0.3.13 or newer to ensure compatibility with Django 6.0 and avoid deprecation warnings/potential breakage related to admin logging.
gotcha Version 0.3.12 introduced compatibility with strict Content Security Policy (CSP) script-src definitions. Older versions might experience issues with stricter CSP configurations.
Fix: Upgrade to django-loginas 0.3.12 or later if you are using a strict Content Security Policy in your Django project.
gotcha The message constant `MESSAGE_LOGIN_REVERT` was renamed to `LOGINAS_MESSAGE_LOGIN_REVERT` in version 0.3.0. If you customized or referenced the old constant, it will no longer be found.
Fix: Update any references to `MESSAGE_LOGIN_REVERT` in your code to `LOGINAS_MESSAGE_LOGIN_REVERT`.

Install

pip install django-loginas Install with pip

Imports

INSTALLED_APPS
```
INSTALLED_APPS = [
    # ...
    'loginas',
    # ...
]
```
Add 'loginas' to your Django project's INSTALLED_APPS setting.

urlpatterns

from django.urls import path, include
from django.contrib import admin

urlpatterns = [
    path('admin/', include('loginas.urls')), # MUST be before admin.site.urls for Django 3.2+
    path('admin/', admin.site.urls),
    # ...
]

For Django 3.2 and newer, `loginas.urls` must be included *before* `admin.site.urls` in your project's `urls.py`.

ModelAdmin (for custom User models)
```
from django.contrib import admin
from django.contrib.auth.admin import UserAdmin
from .models import CustomUser

@admin.register(CustomUser)
class CustomUserAdmin(UserAdmin):
    change_form_template = 'loginas/change_form.html'
```
If using a custom User model, configure its Admin class to use the `loginas` change form template, or place an `extends 'loginas/change_form.html'` template at `templates/<app_label>/<model_name>/change_form.html`.

Quickstart

To get started with django-loginas, first install the package. Then, add 'loginas' to your `INSTALLED_APPS` in `settings.py`. Crucially, include `loginas.urls` in your project's `urls.py` *before* `admin.site.urls` to ensure proper routing, especially for Django 3.2 and later. If you are using a custom User model, you may need to explicitly set the `change_form_template` for its `ModelAdmin` to `loginas/change_form.html`.

# settings.py
INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'loginas', # Add this line
]

# urls.py
from django.contrib import admin
from django.urls import path, include

urlpatterns = [
    path('admin/', include('loginas.urls')), # Important: Must be before admin.site.urls for Django 3.2+
    path('admin/', admin.site.urls),
    # Your other URL patterns
]

# Optional: admin.py (if using a custom User model)
# from django.contrib import admin
# from django.contrib.auth.admin import UserAdmin
# from .models import CustomUser # Replace with your custom User model

# @admin.register(CustomUser)
# class CustomUserAdmin(UserAdmin):
#     change_form_template = 'loginas/change_form.html'

# To run the example:
# 1. Create a Django project and app if you don't have one.
# 2. Add 'loginas' to INSTALLED_APPS.
# 3. Add loginas URLs as shown above.
# 4. python manage.py migrate
# 5. python manage.py createsuperuser (create an admin user)
# 6. python manage.py runserver
# 7. Log into Django admin, navigate to a user, and the 'Log in as user' button will be visible.

view raw JSON →