In my django project, I am using django rest auth for api authentication. The default is to use username and password for login. I can also use email and password. But I want my user to have the option of either using email or username and password for login authentication; which I believe is more user friendly.
How do I do this in django rest auth?
Related
I want to authenticate the user with email and confirmation code. But JWT uses by default username and password for authentication. How can I change that?
Should I override TokenObtainSerializer?
i am using django-allauth. I want that when users signup with social accounts, redirect to set the password page. I do not know what to do. Any suggestion.
if you want to reset/update the password you can use user.set_password(password)
Is there away to authenticate username and password in Django. all i can find is
https://simpleisbetterthancomplex.com/tutorial/2017/02/18/how-to-create-user-sign-up-view.html
this it is just uses username authentication
Django by default authenticating the user by using of username. If you want to authenticate the user with email instead of username you can check this tutorial. Authenticate user with email instead of username
It might be worth your while to look at allauth. https://django-allauth.readthedocs.io/en/latest/overview.html
I am using Django rest auth and allauth to login and register users. I can register users by sending username, email, pwd1, pwd2. It is successful.
I am wondering, how can I register a user as an admin, do I need to send any extra parameter?
By overriding the SocialAccountManager
def save_user(self, request, sociallogin, form=None):
"""
Saves a newly signed up social login. In case of auto-signup,
the signup form is not available.
"""
u = sociallogin.user
u.set_unusable_password()
if form:
get_account_adapter().save_user(request, u, form)
else:
get_account_adapter().populate_username(request, u)
sociallogin.save(request)
return u
how to get the password from social account signup
Actually, you can't.
Django Allauth does not hash or store passwords for social login users. It does not handle the authentication on its end.
Suppose a user try to do a google login at your website, the authentication happens on google servers not on your end. If the user's password is correct then LOGIN_REDIRECT_URL = "url-name/" defined in your django project redirects that user to the url.
You can't get the password. If you can, or those social apps share the password of their users, then both you and that social apps have violate the user privacy rules. In my opinion it's a crime.
The only way you could do is ask your user to set a new password for your site. Send them an email to confirm the change. But that means you have to make an additional route for your app, which has no point.