Authentication in django for both web and mobile - django

I have django website running with django-allauth authentication.
Now, I am planning to build a mobile app using already existing django as a backend.
If there is a way I can continue using django-allauth as authentication for mobile app ?
What is the standard way to implement authentication in django for both web and mobile ?

You could try django rest framework to build a restful api that your mobile application makes use of. It comes with support for OAuth.

Related

User authentication with Django and NextJS

I am building a project that uses Django Rest Framework as the backend and NextJS serves React frontend. How can I integrate user authentication using these two technologies?
In the future we might build a mobile app as well, so we need the backend to be consistent.
Thank you for your time.
I would suggest using the JWT tokens for authentication. You will not face any problem if you change your frontend. To get an idea on implementation, check this answer - https://stackoverflow.com/a/62112041/12840065

Laravel OAuth2 authentication for Django Site

I am building a Django application and I need to connect to an existing external Laravel site to authenticate users. Basically to have two different platforms, but users only have one set of credentials. Also - users should be able to sign up on the Django, and their user is created in the Laravel DB.
The Laravel site has Laravel Passport (OAuth2 based) installed because it uses it for a Flutter app.
I know that REMOTE_USER is "the Django way" of achieving external auth but, I don't know where to go from there. If it makes a difference, the Django app will be a full REST application using DRF because its frontend will be ReactJS.
Can anyone explain how to achieve external auth with Django, particularly when the authentication server is OAuth2 based? Or better yet, how it can work with Laravel Passport in particular.
Thanks

Angular 6 and DRF Django Social authentication

I'm using Angular 6 for the front-end and for the back-end I have Django. I connect the front-end and back-end with Django Rest Framework. I need to implement social authentication with (Google, Facebook, LinkedIn). right now I'm using angular-6-social-login. But I don't know how to implement it in the back-end.
use this package https://github.com/RealmTeam/django-rest-framework-social-oauth2
It is one of the packages listed on the Django Rest Framework documentation https://www.django-rest-framework.org/api-guide/authentication/#django-oauth-toolkit

Web Development - Should social login be performed on frontend or handled on the backend of and application?

I am building a social login based application using Django on the backend and I want to know whether it is a good practice to do Social Auth(facebook, google, github, twitter etc.) on the front end or the backend of an application?
For example, If I want to allow a user to signup using their facebook account, is it a good idea to handle that using JavaScript on the front end or using Django on the backend(e.g, using something like social_auth_app_django)?
Both sides =) The authToken you store should placed in your backend while the session interaction could be done with the frontend.
If you are a beginner ,My recommendation is to go with Django Social Auth.
Django Social Auth is an easy way to setup social authentication/authorization mechanism for Django projects.
docs : http://django-social-auth.readthedocs.io
github :https://github.com/omab/django-social-auth
Installation:
pip install django-social-auth

Connect with Facebook in Django Rest Framework + Django Social Auth

I'm using Django Social Auth for connect with Facebook issue and it works perfect. I have developed an API for my Django app with Django Rest Framework. But I'm confused about using Django Social Auth with Django Rest Framework for iOS devices.
I have searched 1, 2, 3 and 4 but they are generally with Angular.js. I'm not familiar with iOS development.
What is different between facebook connect with spa and a mobile device? * How could I use these packages together?
May I migrate from django-social-auth to python-social-auth?
You can now authenticate your users against your django-rest-framework with bearer tokens/third party access tokens from any python-social-auth backend (Facebook, Google, Github, etc.) using this library https://github.com/PhilipGarnero/django-rest-framework-social-oauth2
This module provides a python-social-auth and oauth2 support for django-rest-framework. Thus this saves you a lot of time to setup what is required to have your DRF with social authorization and to be OAuth2 secure.
I think that you can achieve that using django rest framework, django-rest-auth and allauth.
Those three work nice together.
With django rest framework you already familiar.
The allauth is responsible for the social authentication.
The django-rest-auth responsible for create the RESTful api for the social authentication, i.e. the connection between django-rest-framework and allauth.
It is recommended that you let python-social-auth handle the Facebook login for you, and instead you use another OAuth plugin for Django REST Framework to authenticate with Django. This has the added benefit of also supporting non-Facebook login through the standard Django authentication system.
I'm confused about using Django Social Auth with Django Rest Framework for ios devices.
I recently answered a similar question about implementing authentication with python-social-auth and Django REST Framework. It includes some important points to read about when implementing authentication using a third party along with some important notes about how you should not pass the third-party OAuth tokens back to your client.
How could I use these packages together?
While that answer specifically mentions using OAuth as the authentication method for the API that is behind python-social-auth, you can use other authentication methods that internally use Django authentication system, such as TokenAuthentication. In any case, you will end up proxying authentication between your front end application and your third party authentication provider, using your back end API.
What is different between facebook connect with spa and a mobile device?
Facebook provides direct integration with some mobile operating systems, most notably iOS and Android. This bypasses your API for authentication, and directly authenticates your mobile application with Facebook. Ideally, it would be authenticating your back end API instead of the mobile application. This may still be possible to do if you pass the access token back to your API manually, essentially doing the same thing that python-social-auth would be doing, but that could be risky and may not be worth the extra effort.
Facebook Connect (now known as just Facebook Login) works in a similar way to how Facebook integration works on mobile devices. The one difference that may work in your favor is that it's very easy to move from Facebook Login for single page apps, to an OAuth-based authentication pattern. This is documented in the Facebook developers documentation as "Manually Building a Login Flow" and is compatible with libraries that support OAuth-based login, like python-social-auth.
May I migrate from django-social-auth to python-social-auth?
This shouldn't be an issue anymore, as python-social-auth has effectively replaced django-social-auth.