I have a requirement to build an application say A. The application A is an authentication system, and i'm planning to build it in django using django oauth toolkit library.
Then there will be some external applications say B and C, and they will be using the auth system A.
How can I implement the authorisation for the applications A and B?
Application B and C will be built on other languages like php or java.
django oauth toolkit documentation describes an api for authentication where the client_id, client_secret, username and password is being sent to an api and the token is being generated. I need to use that token to authorise the APIs in application B and C
Need your insight on this one.
Thanks in advance.
Related
I creating an app in which the authentication is done via web services of another app.
But as I m trying to understand how things will work, I m trying to figure out how I can store each user data and posts to them if I m not using Django auth and then linking the models via forgien keys.
All standard login's with other apps are done using a standard called OAuth2; Oauth2 standard allows you to login to apps with other services (Facebook, Apple, Google) while just storing a random token (not sensitive data).
Here is a Django library that makes using authenticating/logging into your app with another app's credentials super easy and secure using Oauth2.
Good luck, LMK if you need anything else!
i would like to create a flutter app, with social authentication (Facebook & Google) connected to a Django DRF backend.
I could not find any examples for handling the social authentication at the back-end coming from a flutter app, i only found firebase based tutorials.
Any libraries that work this way? in case there aren't, how could i send the required social account from the phone to my backend?
Thanks!!
I suggest you to use the Google Auth Library for Ruby (because you are using Django) and expose a service that wrap the API and consume the google libraries.
With your API created you can create a Provider / BLoC or whatever State Management you use in Flutter using the Dart Package Http to consume your own Django backend API
If you have any trouble using HTTP Dart/flutter package let me now to create and example
our team is developing a web based system. we wish to use WSO2IS for user management. I installed WSO2IS as in its official site. Now I want to know how to use its features through API calls from my application
I have started the WSO2IS server locally
https://localhost:9443/carbon/admin/index.jsp?loginStatus=true.
I expect to communicate with WSO2IS through API call. But I have no idea how to do that
From this you will be able to get a basic idea on WSO2 IS related APIs.
Like many, I'm in the process of creating a mobile application backed by a Django application and communicating via REST API. While the choice of the Django Rest Framework was easy, the choice of the additional component is tricky for me. I'm just discovering this ecosystem so it could be that I'm just looking at it the wrong way. These are my requirements:
The users should be able to create and edit an account (userena profile) via the mobile application, without necessarily using a third party (Facebook for example but it is planed for future feature). The registration process should include email verification.
The authentication process should be following OAuth, so the authentication module should provide a way to implement an OAuth provider.
I looked at this page but couldn't find any modules which provided all of these out of the box. Particularly I checked:
Djoser: Seems to provide registration (including email validation), token authentication but no OAuth.
django-rest-auth : Registration (including email verification), token authentication, 3rd part OAuth authentication but no custom OAuth provider implementation (?)
django-rest-framework-social-oauth2: OAuth provider, 3rd part OAuth authentication but no registration.
Did I misunderstand these modules or am I looking at it the wrong way? Otherwise, can the modules be mixed? Which would you advise?
Is there an easy way to take one module and, from there, add a custom implementation of the last functionality? (I saw post about implementing user registration manually but didn't find the email validation part...)
Thank you for your help.
I'm using Django Social Auth for connect with Facebook issue and it works perfect. I have developed an API for my Django app with Django Rest Framework. But I'm confused about using Django Social Auth with Django Rest Framework for iOS devices.
I have searched 1, 2, 3 and 4 but they are generally with Angular.js. I'm not familiar with iOS development.
What is different between facebook connect with spa and a mobile device? * How could I use these packages together?
May I migrate from django-social-auth to python-social-auth?
You can now authenticate your users against your django-rest-framework with bearer tokens/third party access tokens from any python-social-auth backend (Facebook, Google, Github, etc.) using this library https://github.com/PhilipGarnero/django-rest-framework-social-oauth2
This module provides a python-social-auth and oauth2 support for django-rest-framework. Thus this saves you a lot of time to setup what is required to have your DRF with social authorization and to be OAuth2 secure.
I think that you can achieve that using django rest framework, django-rest-auth and allauth.
Those three work nice together.
With django rest framework you already familiar.
The allauth is responsible for the social authentication.
The django-rest-auth responsible for create the RESTful api for the social authentication, i.e. the connection between django-rest-framework and allauth.
It is recommended that you let python-social-auth handle the Facebook login for you, and instead you use another OAuth plugin for Django REST Framework to authenticate with Django. This has the added benefit of also supporting non-Facebook login through the standard Django authentication system.
I'm confused about using Django Social Auth with Django Rest Framework for ios devices.
I recently answered a similar question about implementing authentication with python-social-auth and Django REST Framework. It includes some important points to read about when implementing authentication using a third party along with some important notes about how you should not pass the third-party OAuth tokens back to your client.
How could I use these packages together?
While that answer specifically mentions using OAuth as the authentication method for the API that is behind python-social-auth, you can use other authentication methods that internally use Django authentication system, such as TokenAuthentication. In any case, you will end up proxying authentication between your front end application and your third party authentication provider, using your back end API.
What is different between facebook connect with spa and a mobile device?
Facebook provides direct integration with some mobile operating systems, most notably iOS and Android. This bypasses your API for authentication, and directly authenticates your mobile application with Facebook. Ideally, it would be authenticating your back end API instead of the mobile application. This may still be possible to do if you pass the access token back to your API manually, essentially doing the same thing that python-social-auth would be doing, but that could be risky and may not be worth the extra effort.
Facebook Connect (now known as just Facebook Login) works in a similar way to how Facebook integration works on mobile devices. The one difference that may work in your favor is that it's very easy to move from Facebook Login for single page apps, to an OAuth-based authentication pattern. This is documented in the Facebook developers documentation as "Manually Building a Login Flow" and is compatible with libraries that support OAuth-based login, like python-social-auth.
May I migrate from django-social-auth to python-social-auth?
This shouldn't be an issue anymore, as python-social-auth has effectively replaced django-social-auth.