django allauth redirect issue debug - django

I am facing a problem while working with django-allauth. I am using Google authentication with the help of django-allauth. I have set the redirect URL in the Google API console as directed in the official documentation. Also, I have set the LOGIN_REDIRECT_URL as stated in the documentation.
Authorized redirect url in google api console:
http://127.0.0.1:8000/accounts/google/login/callback/
Settings.py
LOGIN_REDIRECT_URL = "user_dashboard"
SOCIALACCOUNT_PROVIDERS = {
    'google': {
        'SCOPE': [
            'profile',
            'email',
        ],
        'AUTH_PARAMS': {
            'access_type': 'online',
            'hd': 'xxx.yyy'
        }
    }
}
urls.py
url('^', include('django.contrib.auth.urls')),
url(r"accounts/profile/logout", views.my_logout, name="logout"),
url(r'^accounts/',include("allauth.urls")),
url(r'^admin/', admin.site.urls),
url(r'^admin/inventory_management_app/device/router_specifications/', views.pdf_download, name = "pdfdownload"),
url(r'^admin/inventory_management_app/repair/repair_invoice/', views.repair_pdf_download, name = "pdfdownload"),
url(r'accounts/profile/home',views.my_dashboard,name='user_dashboard'),
url(r'accounts/profile/user_dashboard', views.my_dashboard, name = "user_dashboard"),
I get a social network authentication failure. I overrode the authentication_error.html to find the cause but still did not get any workable response.
Requesting your help at the earliest.

Related

Django dj-rest-auth (django-allauth) redirection doesn't work, however, LOGIN_REDIRECT_URL is set

I'm using Django 4.1 (Djoser doesn't work with 4.x) and dj-rest-auth (if I'm not mistaken, registration is provided by the django-allauth module). What I am trying to achieve is getting a new user to a profile creation page ('/api/v1/new_hero/' endpoint) right after he signs up. Without any email verification, just right into it. But for now, with all these settings, after registration, Django keeps the user on the same ('auth/registration/') page with tokens demonstration and other stuff. By the way, the situation is similar with logging in. How am I supposed to direct the user to a target page?
settings.py:
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
REST_USE_JWT = True
JWT_AUTH_COOKIE = 'jwt-auth'
SITE_ID = 1
LOGIN_REDIRECT_URL = '/api/v1/new_hero/'
ACCOUNT_SIGNUP_REDIRECT_URL = '/api/v1/new_hero/'
ACCOUNT_AUTHENTICATED_LOGIN_REDIRECTS = True
ACCOUNT_EMAIL_VERIFICATION = 'none'
urls.py
urlpatterns = [
    re_path(r'^docs(?P<format>\.json|\.yaml)$', schema_view.without_ui(cache_timeout=0), name='schema-json'),
    re_path(r'^docs/$', schema_view.with_ui('swagger', cache_timeout=0), name='schema-swagger-ui'),
    re_path(r'^redoc/$', schema_view.with_ui('redoc', cache_timeout=0), name='schema-redoc'),
    path('admin/', admin.site.urls),
    path('api-auth/', include('rest_framework.urls')),
    path('api/v1/', include('items.urls')),
    path('auth/', include('dj_rest_auth.urls')),
    path('auth/registration/', include('dj_rest_auth.registration.urls')),
]
items/urls.py
urlpatterns = [
    path('items/', ItemsListCreateView.as_view(), name='list_items'),
    path('items/<int:pk>/', ItemDetailView.as_view(), name='update_item'),
    path('heroes/', HeroListView.as_view(), name='list_heroes'),
    path('new_hero/', HeroCreateView.as_view(), name='create_hero'),
    path('heroes/<int:pk>/', HeroDetailView.as_view(), name='update_hero'),
    path('classes/', HeroClassListCreateView.as_view(), name='list_classes'),
    path('weapons/', WeaponClassListCreateView.as_view(), name='list_weapons'),
    # path('reg/', Registration.as_view(), name='custom_registration'),
]
I tried different django-allauth settings, checked the correctness of INSTALLED_APPS, AUTHENTICATION_BACKENDS and other sections of settings.py, and it all ended up here, with me writing a question.

Why does "Error 400: redirect_uri_mismatch" occur?

My goal is to implement google authentication in my Django website. But it shows,
Access blocked: This app’s request is invalid
You can’t sign in because this app sent an invalid request. You can try again later, or contact the developer about this issue. Learn more about this error
If you are a developer of this app, see error details.
Error 400: redirect_uri_mismatch
Why did it occur? I tried to implement it on localhost. Give me an understandable solution so that as a beginner I can understand. The same kind of issue occurs for the Facebook authentication too.
google developer console:
Authorized JavaScript origins:
urls1:http://localhost:8000
urls2:http://127.0.0.1:8000
urls3:http://localhost:3000
urls4:http://localhost
Authorized redirect URIs:
urls1:http://127.0.0.1:8000/
urls2:http://localhost:8000
urls3:http://localhost:3000
urls4:http://localhost
settings.py:
MIDDLEWARE = [
    'social_django.middleware.SocialAuthExceptionMiddleware',
]
context_processors:
    'social_django.context_processors.backends',
    'social_django.context_processors.login_redirect',
AUTHENTICATION_BACKENDS = [
    'social_core.backends.google.GoogleOAuth2',
    'django.contrib.auth.backends.ModelBackend',
]
LOGIN_URL = '/'
LOGIN_REDIRECT_URL = '/'
LOGOUT_URL = '/'
LOGOUT_REDIRECT_URL = '/'
SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = '****' #security purpose I hide this
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = '****' #security purpose I hide this
urls.py
path('social-auth/', include('social_django.urls', namespace='social'))
template:
<i class="fab fa-google"></i>
Add these to your google console's Authorized redirect URIs:
http://127.0.0.1:8000/auth/google_oauth2/callback
http://localhost:8000/auth/google_oauth2/callback
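
An added example, not part of the question or answer above: Google compares the `redirect_uri` in the authorization request with the Authorized redirect URIs list as an exact string, so this sketch pulls that parameter out of an authorization URL and reports which part differs from each registered entry. The authorization URL is a constructed sample that reuses the callback from the answer, and the helper names are hypothetical; read the real value from your own login redirect.

```python
from urllib.parse import parse_qs, urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

# Authorized redirect URIs exactly as listed in the question above.
REGISTERED = [
    "http://127.0.0.1:8000/",
    "http://localhost:8000",
    "http://localhost:3000",
    "http://localhost",
]

# Constructed sample of the URL the browser is sent to; client_id is a
# placeholder and redirect_uri reuses the callback quoted in the answer.
SAMPLE_AUTH_URL = (
    "https://accounts.google.com/o/oauth2/auth?client_id=CLIENT_ID_PLACEHOLDER"
    "&redirect_uri=http%3A%2F%2F127.0.0.1%3A8000%2Fauth%2Fgoogle_oauth2%2Fcallback"
    "&response_type=code&scope=openid+email+profile"
)

def sent_redirect_uri(authorization_url):
    """Return the redirect_uri parameter carried by an authorization request."""
    values = parse_qs(urlsplit(authorization_url).query).get("redirect_uri")
    if not values:
        raise ValueError("no redirect_uri parameter in authorization URL")
    return values[0]

def components(uri):
    """Split a URI into the parts that most often cause a mismatch."""
    parts = urlsplit(uri)
    return {
        "scheme": parts.scheme,
        "host": parts.hostname or "",
        "port": parts.port or DEFAULT_PORTS.get(parts.scheme),
        "path": parts.path,  # a missing or extra trailing slash shows up here
    }

def explain_mismatch(sent, registered):
    """Return {} on an exact string match, else the differing parts per entry."""
    if sent in registered:
        return {}
    want = components(sent)
    report = {}
    for candidate in registered:
        have = components(candidate)
        report[candidate] = [k for k in want if want[k] != have[k]] or ["other"]
    return report
```

Calling `explain_mismatch(sent_redirect_uri(SAMPLE_AUTH_URL), REGISTERED)` shows that none of the four registered entries carries the callback path, and that `localhost` and `127.0.0.1` count as different hosts.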

How to get django allauth google sign in to redirect to home page?

Hello, I am using Django and django-allauth for authentication and am using the Google feature, so that when a user decides to sign in, it authenticates with his Google account and then redirects him to the home page, in my case localhost:8000 in development. But when I try it, it does authenticate, but instead of sending to localhost:8000 (the home page) it sends to this URL: http://localhost:8000/accounts/profile/# and I am not sure why.
Here is my settings.py file.
ACCOUNT_LOGOUT_REDIRECT_URL ='/'
ACCOUNT_LOGIN_REDIRECT_URL ='task_list'
ACCOUNT_SIGNUP_REDIRECT_URL = '/'
SOCIALACCOUNT_PROVIDERS = {
    'google': {
        'SCOPE': [
            'profile',
            'email',
        ],
        'AUTH_PARAMS': {
            'access_type': 'online',
        }
    }
}
Any help I would appreciate. Thank you.
From the docs
The default behaviour is to redirect authenticated users to
LOGIN_REDIRECT_URL when they try accessing login/signup pages
So all you need is to set this:
LOGIN_REDIRECT_URL = '/'

Django, mozilla-django-oidc and admin

I am trying to connect Okta with a custom Django (v.3.0.2) app I am coding, using the mozilla-django-oidc library. So far the initial user authentication and account creation (using Django's user model) works, but I don't understand what I need to do to have the Django AdminSite work.
The AdminSite, before introducing mozilla-django-oidc, worked as expected. I created an admin user, named "admin", and the user was able to log in.
To integrate the mozilla-django-oidc library I followed the instructions here: https://mozilla-django-oidc.readthedocs.io/en/stable/installation.html. The instructions do not have any specific mention of the AdminSite.
When I access the AdminSite after the library integration, I have the following:
The AdminSite uses the default template - my assumption was that it would also use Okta to authenticate.
The admin account "admin" that used to be able to log in to the AdminSite does not work anymore.
My goal is to be able to access the AdminSite. I don't mind if it will be over Okta or over the vanilla interface as long as I can access it.
Below are the relevant segments from the files (in order to integrate):
urls.py
urlpatterns = [
    path('', static_site.site_index, name='site_index'),
    path('admin/', admin.site.urls),
    path('review/', include('review.urls')),
    path('oidc/', include('mozilla_django_oidc.urls')),
]
settings.py
# OIDC
AUTHENTICATION_BACKENDS = (
    'mozilla_django_oidc.auth.OIDCAuthenticationBackend',
)
OIDC_RP_CLIENT_ID = 'xxxxx'
OIDC_RP_CLIENT_SECRET = 'xxxx'
OIDC_RP_SIGN_ALGO = 'RS256'
OIDC_OP_JWKS_ENDPOINT = 'https://dev-xxx.okta.com/oauth2/default/v1/keys'
OIDC_RP_SCOPES = 'openid email profile'
OIDC_OP_AUTHORIZATION_ENDPOINT = 'https://dev-xxx.okta.com/oauth2/default/v1/authorize'
OIDC_OP_TOKEN_ENDPOINT = 'https://dev-xxx.okta.com/oauth2/default/v1/token'
OIDC_OP_USER_ENDPOINT = 'https://dev-xxx.okta.com/oauth2/default/v1/userinfo'
# Provided by mozilla-django-oidc
LOGIN_URL = reverse_lazy('oidc_authentication_callback')
# App urls
LOGIN_REDIRECT_URL = reverse_lazy('review:dashboard')
LOGOUT_REDIRECT_URL = reverse_lazy('site_index')
Any ideas or pointers welcomed!
The goal was achieved by adding the default auth backend to the settings:
settings.py
AUTHENTICATION_BACKENDS = [
    'django.contrib.auth.backends.ModelBackend',
    'mozilla_django_oidc.auth.OIDCAuthenticationBackend',
]
I don't get Okta auth for the admin, but since I am happy just to have the admin running, I will stop here.
I've come up with a solution for using the mozilla-django-oidc login with the django admin. It's a little hacky but it's a lot less intimidating to redirect the admin login page than to override AdminSite.
In my top-level urls.py I have
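from django.contrib import admin
from django.http import HttpResponseRedirect
from django.urls import include, path, reverse
from django.utils.http import urlencode
from django.views import View

class CustomLogin(View):
    def get(self, request, **kwargs):
        # Forward ?next= to the OIDC login view, URL-encoded so that a value
        # containing '&' or '#' is not split or truncated.
        url = reverse('oidc_authentication_init')
        if 'next' in request.GET:
            url += '?' + urlencode({'next': request.GET['next']})
        return HttpResponseRedirect(url)

urlpatterns = [
    path('oidc/', include("mozilla_django_oidc.urls")),
    path('admin/login/', CustomLogin.as_view()),
    path('admin/', admin.site.urls),
    # the rest of my urls...
]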
If you don't care about passing the ?next= value correctly you can skip the CustomLogin class and do the following instead
from django.views.generic import RedirectView

urlpatterns = [
    path('oidc/', include("mozilla_django_oidc.urls")),
]
# This only works if you break up urlpatterns so the reverse below can find what it needs
urlpatterns += [
    path('admin/login/', RedirectView.as_view(
        url=reverse('oidc_authentication_init') + '?next=/admin/',
        permanent=False
    )),
    path('admin/', admin.site.urls),
    # the rest of my urls...
]
I added ?next=/admin/ because by default once you log in you will be redirected to settings.LOGIN_REDIRECT_URL, which I'm already using for something else.
If you're using the default primary identifier, "email", you can create a superuser with that same email, which will give SU privileges to that SSO user. So for example, if you have an SSO user with email testuser@example.com, you can then run python manage.py createsuperuser and when prompted, set the email to testuser@example.com; the username and password don't matter since you're not actually using them for authentication (if you remove 'django.contrib.auth.backends.ModelBackend' from AUTHENTICATION_BACKENDS). I currently have this working, although I am extending the mozilla backend with the steps recommended in https://mozilla-django-oidc.readthedocs.io/en/stable/installation.html#connecting-oidc-user-identities-to-django-users to prevent users from being created on the fly.

django-social-auth error in connecting with Facebook

I have a problem connecting with the Facebook backend of django-social-auth. I have created a Facebook app and in my project settings I have provided its settings:
INSTALLED_APPS = (
    ...
    'social_auth'
)
AUTHENTICATION_BACKENDS = [
    "account.auth_backends.AuthenticationBackend",
    'social_auth.backends.facebook.FacebookBackend',
    'django.contrib.auth.backends.ModelBackend',
]
LOGIN_URL = "/"
LOGIN_REDIRECT_URLNAME = "home"
LOGOUT_URL = "/"
urlpatterns = patterns('',
    ...
    url(r'', include('social_auth.urls')),
    ...
)
TEMPLATE_CONTEXT_PROCESSORS = (
    ...
    'social_auth.context_processors.social_auth_by_type_backends',
)
SOCIAL_AUTH_EXPIRATION = 'expires'
FACEBOOK_APP_ID = '***************'
FACEBOOK_API_SECRET = '**************'
FACEBOOK_EXTENDED_PERMISSIONS = ['email', 'user_birthday', 'user_photos']
In 'Site Url' of my app on Facebook I have provided the IP of my PC. Now when I connect with Facebook through my IP with my own account, it works fine. But when I try to connect with some other Facebook account, it gives this error on the permissions page:
"Sorry, something went wrong. We're working on getting this fixed as soon as we can."
Does anyone have any idea?
In Facebook each app has certain permissions for Facebook users. You are the lead developer, you can add testers and whatnot; it's on the app configuration interface.
For the Facebook backend of django-social-auth to work properly, run runserver on your IP instead of running on localhost.