i would like to create a flutter app, with social authentication (Facebook & Google) connected to a Django DRF backend.
I could not find any examples for handling the social authentication at the back-end coming from a flutter app, i only found firebase based tutorials.
Any libraries that work this way? in case there aren't, how could i send the required social account from the phone to my backend?
Thanks!!
I suggest you to use the Google Auth Library for Ruby (because you are using Django) and expose a service that wrap the API and consume the google libraries.
With your API created you can create a Provider / BLoC or whatever State Management you use in Flutter using the Dart Package Http to consume your own Django backend API
If you have any trouble using HTTP Dart/flutter package let me now to create and example
Related
I want to get my head down into a small community website using Django Rest Framework as a backend and Next.JS as a frontend. I am struggling with the authentication module.
What is best practice? I thought about using Firebase as an auth provider but the implementation is quite hard - or at least I could not find good documentation.
I am now thinking of using the Djoser library to have django handle all authentication and user management.
My question is: What would you recommend to use? The official DRF website has a ton of third-party packages on this topic but I just can decide which one to use (https://www.django-rest-framework.org/api-guide/authentication/#third-party-packages)
You can use Next Auth to handle JWT authentication.
If you are using Token authentication (rest_framework.authtoken), you can store the token in localStorage and inject the token using axios.interceptors.request.use for axios, or create a custom fetch method that injects said token in your fetch headers.
I am developing Django(Server) with React(Web Client).
And I want to use facebook social login.
I knew that client is public client, server is confidential. So I want to use authentication code grant way for authenticating user.
So I find out the way but there is no way to implement that. All the python oauth2 library limplements is just for django server side rendering.(Django Server + Web client).
So I confused about I am wrong or just the others just did not make the grant way.
When you use DRF(Server API) + React(public Web Client),
how do you implement for OAuth2 social login?
I wonder that. please give me some advise to me.
Thanks.
Let's start from basics, people usually split frontend and backend to improve the production speed as frontend and backend can be developed by two separate teams. But in order for the frontend and backend to work together, there needs to be a connection interface, an API.
React is a frontend that runs in the browser, so in order to talk to the server, it uses a REST protocol.
As the backend in this scenario is Django we use DRF as React uses REST API. DRF provides easy flexible pre-built packages to carry out this communication job between server and client.
Now the authenticator for web login you choose to be Facebook hence you will get the identity token from facebook, which will correspond to the rows in the Django User table which will give you access to the user's data in Django.
You don't need to do everything at once, you need to first implement the Facebook social auth and after test(test using postman app) only think about connecting React
A good place to start is this DRF documentation, look into Social OAuth2
https://www.django-rest-framework.org/api-guide/authentication/#django-oauth-toolkit
I'm building my own social network service like Instagram. I'm using React Native for Mobile Front-End and Django RESTful Framework for BackEnd.
In my case, should I implement getStream for my feeds and notification on Back-End or Front-End? (Django-python or React-Native JS)
We recommend using a back-end system to communicate with Stream. Putting logic in the front-end system (or React native) means you'd be storing your API credentials in a public-facing app or in a mobile app, which is easily reverse-engineered.
I am building a social login based application using Django on the backend and I want to know whether it is a good practice to do Social Auth(facebook, google, github, twitter etc.) on the front end or the backend of an application?
For example, If I want to allow a user to signup using their facebook account, is it a good idea to handle that using JavaScript on the front end or using Django on the backend(e.g, using something like social_auth_app_django)?
Both sides =) The authToken you store should placed in your backend while the session interaction could be done with the frontend.
If you are a beginner ,My recommendation is to go with Django Social Auth.
Django Social Auth is an easy way to setup social authentication/authorization mechanism for Django projects.
docs : http://django-social-auth.readthedocs.io
github :https://github.com/omab/django-social-auth
Installation:
pip install django-social-auth
I'm using Django Social Auth for connect with Facebook issue and it works perfect. I have developed an API for my Django app with Django Rest Framework. But I'm confused about using Django Social Auth with Django Rest Framework for iOS devices.
I have searched 1, 2, 3 and 4 but they are generally with Angular.js. I'm not familiar with iOS development.
What is different between facebook connect with spa and a mobile device? * How could I use these packages together?
May I migrate from django-social-auth to python-social-auth?
You can now authenticate your users against your django-rest-framework with bearer tokens/third party access tokens from any python-social-auth backend (Facebook, Google, Github, etc.) using this library https://github.com/PhilipGarnero/django-rest-framework-social-oauth2
This module provides a python-social-auth and oauth2 support for django-rest-framework. Thus this saves you a lot of time to setup what is required to have your DRF with social authorization and to be OAuth2 secure.
I think that you can achieve that using django rest framework, django-rest-auth and allauth.
Those three work nice together.
With django rest framework you already familiar.
The allauth is responsible for the social authentication.
The django-rest-auth responsible for create the RESTful api for the social authentication, i.e. the connection between django-rest-framework and allauth.
It is recommended that you let python-social-auth handle the Facebook login for you, and instead you use another OAuth plugin for Django REST Framework to authenticate with Django. This has the added benefit of also supporting non-Facebook login through the standard Django authentication system.
I'm confused about using Django Social Auth with Django Rest Framework for ios devices.
I recently answered a similar question about implementing authentication with python-social-auth and Django REST Framework. It includes some important points to read about when implementing authentication using a third party along with some important notes about how you should not pass the third-party OAuth tokens back to your client.
How could I use these packages together?
While that answer specifically mentions using OAuth as the authentication method for the API that is behind python-social-auth, you can use other authentication methods that internally use Django authentication system, such as TokenAuthentication. In any case, you will end up proxying authentication between your front end application and your third party authentication provider, using your back end API.
What is different between facebook connect with spa and a mobile device?
Facebook provides direct integration with some mobile operating systems, most notably iOS and Android. This bypasses your API for authentication, and directly authenticates your mobile application with Facebook. Ideally, it would be authenticating your back end API instead of the mobile application. This may still be possible to do if you pass the access token back to your API manually, essentially doing the same thing that python-social-auth would be doing, but that could be risky and may not be worth the extra effort.
Facebook Connect (now known as just Facebook Login) works in a similar way to how Facebook integration works on mobile devices. The one difference that may work in your favor is that it's very easy to move from Facebook Login for single page apps, to an OAuth-based authentication pattern. This is documented in the Facebook developers documentation as "Manually Building a Login Flow" and is compatible with libraries that support OAuth-based login, like python-social-auth.
May I migrate from django-social-auth to python-social-auth?
This shouldn't be an issue anymore, as python-social-auth has effectively replaced django-social-auth.