{"id":24708365,"url":"https://github.com/surface-security/django-impersonator","last_synced_at":"2025-10-26T10:37:18.405Z","repository":{"id":184180614,"uuid":"615547950","full_name":"surface-security/django-impersonator","owner":"surface-security","description":"Impersonate other users in your Django admin app","archived":false,"fork":false,"pushed_at":"2023-07-27T12:40:47.000Z","size":43,"stargazers_count":0,"open_issues_count":3,"forks_count":1,"subscribers_count":2,"default_branch":"develop","last_synced_at":"2025-01-27T06:34:36.978Z","etag":null,"topics":["django","middleware","python","security"],"latest_commit_sha":null,"homepage":"https://pypi.org/project/django-impersonator/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/surface-security.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null}},"created_at":"2023-03-18T00:44:40.000Z","updated_at":"2023-04-02T23:06:53.000Z","dependencies_parsed_at":"2023-07-27T11:40:41.842Z","dependency_job_id":null,"html_url":"https://github.com/surface-security/django-impersonator","commit_stats":null,"previous_names":["surface-security/django-impersonator"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/surface-security%2Fdjango-impersonator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/surface-security%2Fdjango-impersonator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/surface-security%2Fdjango-impersonator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/surface-security%2Fdjango-impersonator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/surface-security","download_url":"https://codeload.github.com/surface-security/django-impersonator/tar.gz/refs/heads/develop","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244913329,"owners_count":20530817,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["django","middleware","python","security"],"created_at":"2025-01-27T06:31:39.840Z","updated_at":"2025-10-26T10:37:18.282Z","avatar_url":"https://github.com/surface-security.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# django-impersonate\n\nThis Django app lets admin users impersonate other users, useful when testing and debugging permissions.\n\n**Non superusers are not allowed** to perform this request, even if they have view rights to the `User` model, so that this cannot be used for privilege escalation.\n\nAs admin, I can choose the \"Impersonate\" action:\n\n![image](https://user-images.githubusercontent.com/7786556/228572564-6549367d-3ee4-4b0b-a978-a3467388b654.png)\n\nImpersonations are terminated by closing the bottom left pop-up.\n\n![image](https://user-images.githubusercontent.com/7786556/228573725-9bde3dbd-1df0-4884-a333-95165cac880a.png)\n\n\nImpersonate is not available for regular users, returning an error for those with view rights to the `User` model.\n\n\n## Setup\n\nAdd middleware to your middleware list and make sure it comes *after* `django.contrib.auth.middleware.AuthenticationMiddleware`:\n\n```python\nMIDDLEWARE = [\n    ...\n    'django.contrib.auth.middleware.AuthenticationMiddleware',\n    ...\n    'impersonate.middleware.ImpersonateMiddleware',\n    ...\n]\n```\n\nIn one of your `admin.py` files, add the action to `UserAdmin` (or the admin model of your custom User)\n\n```python\nfrom impersonate.admin import impersonate_action\nfrom django.contrib.auth import admin\n\n\nadmin.UserAdmin.actions.append(impersonate_action)\n```\n\nOr call it from any of your views (if you're not using django-admin)\n\n```python\nfrom django.contrib.auth import models\nfrom impersonate.admin import impersonate_action\n\ndef my_view(request, target_username):\n    return impersonate_action(None, request, models.User.objects.filter(username=target_username))\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsurface-security%2Fdjango-impersonator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsurface-security%2Fdjango-impersonator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsurface-security%2Fdjango-impersonator/lists"}