The Django Boston Meetup recently got together for the first time since Covid, and I was honored to speak at it. My talk was on the Django User Model: Past, Present, Future, inspired largely by recent efforts by Carlton Gibson, my Django Chat co-host, to improve the current implementation. Here are the slides:

Putting together the talk was an excellent excuse to dive into the historical discussions around User in the Django community. Russell Keith-Magee put together the fantastic wiki on Improving contrib.auth, which provides an overview of options considered at the time and the eventual BDFL decision for custom user models.

There is a similar wiki around Adding an Email-based authentication model from ten years ago.

Before Covid, the Django Boston meetup regularly had 50-70+ guests at events. The crowd was smaller for this one, but hopefully, it is the start of many more to come. The venue was the CIC (Cambridge Innovation Center), an amazing space full of entrepreneurs, venture capitalists, scientists, etc., based right in the heart of the MIT Campus. After the talk, we all went next door to the Venture Cafe, which also hosts regular startup events. Although I only live a few miles away, it had been at least six years since I spent time in the area. Kendall Square (as the area is known) is home to MIT and many biotech/pharma companies; it has exploded in growth over the last decade.

I particularly enjoyed the questions and discussion after the talk. One of the questions was around managed authentication services like Auth0. I don’t have personal experience with these. Still, anecdotally, many larger organizations prefer to outsource authentication altogether or might have complex needs that companies would rather have someone else manage, especially around permissions. I will dive into this world more if I give this talk again.

The other area I would focus more on is performance. One of the motivations for a single customizable user model is it requires only one query (SELECT_FROM user_table) as opposed to two when using a user profile (SELECT_FROM user_table + SELECT_FROM profile_table). However, if a user table becomes bloated with too many fields then performance can suffer. And it is possible to cache the template fragment around user profile information–for example, if it is in the top right drop-down on every page.

As always, “it depends” is the unsatisfying answer, but understanding the pros/cons helps make a good decision. Django’s batteries are amazingly robust and largely still work despite being 20 years old, which is quite an impressive feat.