When I try to use the password password/reset send me a mail with this this url
http://example.com/password-reset/confirm/MjM/572-52a21bbd1b80e9377f98/ Any ideas??
settings.py
SITE_ID = 1
#Registro simple sin correo
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
#Login no mail
ACCOUNT_AUTHENTICATION_METHOD = 'email'
ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_EMAIL_VERIFICATION = 'mandatory'
ACCOUNT_CONFIRM_EMAIL_ON_GET = True
ACCOUNT_EMAIL_CONFIRMATION_ANONYMOUS_REDIRECT_URL =
reverse_lazy('account_confirm_complete')
ACCOUNT_EMAIL_CONFIRMATION_AUTHENTICATED_REDIRECT_URL =
reverse_lazy('account_confirm_complete')
ACCOUNT_USERNAME_REQUIRED = False
#Following is added to enable registration with email instead of username
AUTHENTICATION_BACKENDS = (
# Needed to login by username in Django admin, regardless of `allauth`
"django.contrib.auth.backends.ModelBackend",
# `allauth` specific authentication methods, such as login by e-mail
"allauth.account.auth_backends.AuthenticationBackend",
)
This will obviously happen if you use SITE_ID=1 in your settings. The django-all-auth package uses the value of domain field of SITE_ID while creating a reset-password mail.
So, you can do either,
1. Change the value of domain of existing SITE_ID
Run the script in your Django Shell
from django.conf import settings
from django.contrib.sites.models import Site
site = Site.objects.get(id=settings.SITE_ID)
site.domain = "your.required.domain.com"
site.name = "Some Readable Name for Your Site"
site.save()
2. Create new Site instance and put newly created site id in settings.py
Run this on django shell,
from django.contrib.sites.models import Site
site = Site.objects.create(domain="your.required.domain.com", name="Some Readable Name for Your Site")
print(site.id)
Now, you'll get the new site id, put that in settings.py as,
#settings.py
SITE_ID = 123 # here "123" is the id of your newly creted site object
Note
These things(1 and 2) can also be done via Django Admin console.
Related
I have a weird issue using Django allauth. The sign up works and sends an email verification email, after I click the verification link sent via email I am redirected to the email confirmation page. The problem is once I click "confirm" to confirm my email I am redirected back to the sign up page and the verification appears to fail as well (no error is thrown). When I go to login as the newly created user another verification email is sent and the cycle repeats itself.
I have tried to configure my settings to redirect to http://127.0.0.1:8000/
Settings.py
#django-allauth registraion settings
ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS =1
ACCOUNT_EMAIL_VERIFICATION = "mandatory"
ACCOUNT_LOGIN_ATTEMPTS_LIMIT = 5
ACCOUNT_USERNAME_REQUIRED = True
ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_SIGNUP_PASSWORD_VERIFICATION = False
LOGIN_REDIRECT_URL = '/' # Or whatever you want to redirect to after email verification
# 1 day
ACCOUNT_LOGIN_ATTEMPTS_TIMEOUT = 86400
urls.py
urlpatterns = [
path('admin/', admin.site.urls),
path('', include('testingland.urls')),
path('api/', include('api.urls')),
#all_auth_package
url(r'^accounts/', include('allauth.urls')),
]
Try changing your settings.py from
ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS =1
ACCOUNT_EMAIL_VERIFICATION = "mandatory"
ACCOUNT_LOGIN_ATTEMPTS_LIMIT = 5
ACCOUNT_USERNAME_REQUIRED = True
ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_SIGNUP_PASSWORD_VERIFICATION = False
LOGIN_REDIRECT_URL = '/' # Or whatever you want to redirect to after email verification
To:
ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS =1
ACCOUNT_EMAIL_VERIFICATION = "mandatory"
ACCOUNT_LOGIN_ATTEMPTS_LIMIT = 5
ACCOUNT_USERNAME_REQUIRED = True
ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_SIGNUP_PASSWORD_VERIFICATION = False
ACCOUNT_CONFIRM_EMAIL_ON_GET= True
ACCOUNT_LOGIN_ON_EMAIL_CONFIRMATION= True LOGIN_REDIRECT_URL = '/'
ACCOUNT_LOGOUT_ON_GET=True ACCOUNT_LOGOUT_REDIRECT_URL='/'
i am trying to connect Okta with a custom Django (v.3.0.2) app i am coding, using the mozilla-django-oidc library. So far the initial user authentication and account creation (using Django's user model) works, but i don't understand what i need to do to have the Django AdminSite work.
The Adminsite, before introducing mozilla-django-oidc worked as expected. I created an admin user, named "admin" and the user was able to login.
To integrate the mozilla-django-oidc library i followed the instructions here: https://mozilla-django-oidc.readthedocs.io/en/stable/installation.html. The instructions do not have any specific mention of the AdminSite.
When i access the AdminSite after the library integration, i have the following:
The AdminSite uses the default template - my assumption was that it
would also use Okta to authenticate.
The admin account "admin" that used to be able to login into the AdminSite does not work anymore
My goal is to be able to access the AdminSite. I don't mind if it will be over Okta or over the vanilla interface as long as i can access it.
Below are the relevant segments from the files (in order to integrate):
urls.py
urlpatterns = [
path('', static_site.site_index, name='site_index'),
path('admin/', admin.site.urls),
path('review/', include('review.urls')),
path('oidc/', include('mozilla_django_oidc.urls')),
]
settings.py
# OICD
AUTHENTICATION_BACKENDS = (
'mozilla_django_oidc.auth.OIDCAuthenticationBackend',
)
OIDC_RP_CLIENT_ID = 'xxxxx'
OIDC_RP_CLIENT_SECRET = 'xxxx'
OIDC_RP_SIGN_ALGO = 'RS256'
OIDC_OP_JWKS_ENDPOINT = 'https://dev-xxx.okta.com/oauth2/default/v1/keys'
OIDC_RP_SCOPES = 'openid email profile'
OIDC_OP_AUTHORIZATION_ENDPOINT = 'https://dev-xxx.okta.com/oauth2/default/v1/authorize'
OIDC_OP_TOKEN_ENDPOINT = 'https://dev-xxx.okta.com/oauth2/default/v1/token'
OIDC_OP_USER_ENDPOINT = 'https://dev-xxx.okta.com/oauth2/default/v1/userinfo'
# Provided by mozilla-django-oidc
LOGIN_URL = reverse_lazy('oidc_authentication_callback')
# App urls
LOGIN_REDIRECT_URL = reverse_lazy('review:dashboard')
LOGOUT_REDIRECT_URL = reverse_lazy('site_index')
Any ideas or pointers welcomed!
The goal was achieved by adding the default auth backend to the settings:
settings.py
AUTHENTICATION_BACKENDS = [
'django.contrib.auth.backends.ModelBackend',
'mozilla_django_oidc.auth.OIDCAuthenticationBackend',
]
I don't get Okta auth for the admin, but since i am happy just to have the admin running, i will stop here.
I've come up with a solution for using the mozilla-django-oidc login with the django admin. It's a little hacky but it's a lot less intimidating to redirect the admin login page than to override AdminSite.
In my top-level urls.py I have
class CustomLogin(View):
def get(self, request, **kwargs):
return HttpResponseRedirect(
reverse('oidc_authentication_init') + (
'?next={}'.format(request.GET['next']) if 'next' in request.GET else ''
)
)
urlpatterns = [
path('oidc/', include("mozilla_django_oidc.urls")),
path('admin/login/', CustomLogin.as_view()),
path('admin/', admin.site.urls),
# the rest of my urls...
]
If you don't care about passing the ?next= value correctly you can skip the CustomLogin class and do the following instead
urlpatterns = [
path('oidc/', include("mozilla_django_oidc.urls")),
]
# This only works if you break up urlpatterns so the reverse below can find what it needs
urlpatterns += [
path('admin/login/', RedirectView.as_view(
url=reverse('oidc_authentication_init') + ?next=/admin/,
permanent=False
)),
path('admin/', admin.site.urls),
# the rest of my urls...
]
I added ?next=/admin/ because by default once you log in you will be redirected to settings.LOGIN_REDIRECT_URL which I'm already using for something else
If you're using the default primary identifier, "email", you can create a superuser with that same email which will give SU privileges to that SSO user. So for example, if you have an SSOuser with email testuser#example.com, you can then run python manage.py createsuperuser and when prompted, set the email to testuser#example.com; the username and password don't matter since you're not actually using them for authentication (if you remove 'django.contrib.auth.backends.ModelBackend' from AUTHENTICATION_BACKENDS). I currently have this working, although I am extending the mozilla backend with the steps recommended in https://mozilla-django-oidc.readthedocs.io/en/stable/installation.html#connecting-oidc-user-identities-to-django-users to prevent users from being created on the fly.
I'm trying to send a password-reset email using gmail server but I'am getting an error. 'SMTPSenderRefused Authentication Required'
The google account have - 1. 2-Step Verification on 2. Third-party access through app password 3. Access allowed for less secure app : On
'''
setting.py
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_USE_TLS = True
EMAIL_HOST = 'smtp.gmail.com'
EMAIL_HOST_USER = os.environ.get('EMAIL_HOST_USER') #my gmail acc
EMAIL_PASSWORD = os.environ.get('EMAIL_PASSWORD') #app password from gmail acc
EMAIL_PORT = 587
'''
'''
urls.py
path('password-reset/', PasswordResetView.as_view(
template_name='users/password-reset.html'), name='password_reset'),
path('password-reset-done/', PasswordResetDoneView.as_view(
template_name='users/password-reset-done.html'),
name='password_reset_done'),
path('password-reset-confirm/<uidb64>/<token>/',
PasswordResetConfirmView.as_view(
template_name='users/password_reset_confirm.html'),
name='password_reset_confirm'),
'''
I expect an email with a reset-password-link send to the user or whomever POSTed their email when prompted but what i get is this error -
'''
SMTPSenderRefused at /password-reset/
(530, b'5.5.1 Authentication Required. Learn more at\n5.5.1
https://support.google.com/mail/?p=WantAuthError p17sm3671371wrq.95 -
gsmtp', 'webmaster#localhost')
'''
create a new account in google and avoid two step verification.
Add your account name and password to settings directly
It will work
As you are new, hardcore these details directly to settings.py later you can configure in local environment
I am trying to enable logging in via facebook,twitter and Google Open Auth 2. I am using the main documentation https://django-social-auth.readthedocs.org/en/latest/index.html. I have also used http://c2journal.com/2013/01/24/social-logins-with-django/
I have put all the necessary configurations in place. Here is my settings.py
....
AUTHENTICATION_BACKENDS = (
'social_auth.backends.twitter.TwitterBackend',
'social_auth.backends.facebook.FacebookBackend',
'social_auth.backends.google.GoogleOAuthBackend',
'social_auth.backends.google.GoogleOAuth2Backend',
'social_auth.backends.google.GoogleBackend',
'django.contrib.auth.backends.ModelBackend',
)
.....
TEMPLATE_CONTEXT_PROCESSORS = (
"social_auth.context_processors.social_auth_by_type_backends",
"django.contrib.auth.context_processors.auth",
)
......
SOCIAL_AUTH_ENABLED_BACKENDS = ('google','facebook','twitter')
.....
FACEBOOK_APP_ID='**********'
FACEBOOK_API_SECRET='**********************'
FACEBOOK_APP_NAMESPACE = '********_app'
FACEBOOK_EXTENDED_PERMISSIONS = ['email']
GOOGLE_OAUTH2_CLIENT_ID = '***************'
GOOGLE_OAUTH2_CLIENT_SECRET = '**************************'
TWITTER_CONSUMER_KEY = '***************'
TWITTER_CONSUMER_SECRET = '**********************'
........
INSTALLED_APPS = (
............
'social_auth',
)
I have added social-auth to my urls.py too
(r'^accounts/login/$', 'django.contrib.auth.views.login',
{'template_name': 'login.html'}),
(r'^accounts/logout/$', 'django.contrib.auth.views.logout_then_login'),
.....
urlpatterns = patterns('',
...
url(r'', include('social_auth.urls')),
...
)
On my login.html page, here is how I have called the links
<div>Login with Facebook</div>
</div>Login with Twitter</div>
</div>Login with Google</div>
The problem however, everytime I try logging in via any of these services, It seems the APP Id is missing.
I get this error on Facebook Invalid App ID: None and this one on twitter Only unicode objects are escapable. Got None of type .. Google doesn't work too but It tells me I cannot use raw IP addresses. I am using the server IP address. Please help.
I figured out what was the problem. I had installed python social auth then installed django-social auth. My application was still using the python-social-auth package.
Using the python-social-Auth syntax of naming configuration variables, I added the prefix
SOCIAL_AUTH_
to my config variables so that they now looked like this
SOCIAL_AUTH_FACEBOOK_SECRET='*******************'
SOCIAL_AUTH_FACEBOOK_APP_NAMESPACE = '*******'
SOCIAL_AUTH_FACEBOOK_EXTENDED_PERMISSIONS = ['email']
SOCIAL_AUTH_TWITTER_KEY = '********'
SOCIAL_AUTH_TWITTER_SECRET = '************'
SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = '*************************************'
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = '****************'
I can now log in. Thanks
I want to implement django managment command which send emails by smtp with not default settings from settings.py file such as:
EMAIL_HOST
EMAIL_HOST_USER
EMAIL_HOST_PASSWORD
FROM_MAIL
EMAIL_USE_TLS
i want to send with my alternative settings different from settings.py without change it email settings for all site.
how to implement this?
Define your alternate email settings and then create a new mail connection using those settings:
settings.py
ALTERNATE_EMAIL_HOST_PASSWORD = 'your password'
ALTERNATE_EMAIL_HOST_USER = 'your user'
ALTERNATE_EMAIL_HOST = ''
ALTERNATE_EMAIL_PORT = 123
ALTERNATE_EMAIL_USE_TLS = True
Then create new connection using those settings:
from django.core import mail
from django.core.mail import send_mail
from django.conf import settings
# create new connection
connection = mail.get_connection()
connection.password = settings.ALTERNATE_EMAIL_HOST_PASSWORD
connection.username = settings.ALTERNATE_EMAIL_HOST_USER
connection.host = settings.ALTERNATE_EMAIL_HOST
connection.port = settings.ALTERNATE_EMAIL_PORT
connection.use_tls = settings.ALTERNATE_EMAIL_USE_TLS
# send email using new connection you just created
send_mail('my subject', 'my message', settings.DEFAULT_FROM_EMAIL,
['abc#gmail.com'], connection=connection)