Bypass Django admin login by using another authentication method - django

Is there a way, when hitting the Django admin site, that it redirects to a 3rd-party authentication page, the user logs in there, then gets redirected back to the admin site without having to log in again?
Basically I want to replace the Django admin login with another authentication method, so I can insert a link in my web app and admins can access the admin page right away.
EDIT:
I did a bit more research and will refine my problem.
Say I want to log in from http://localhost:8000/admin/login/. I assume I need to redirect the user/admin to the 3rd-party login page, then once the auth is successful, I should redirect him back to the next page after login. Where/what should I modify?
EDIT2:
I'm following this example
https://auth0.com/docs/sso/current/single-page-apps
I could get the server to run on 5000, but the auth still fails and returns 400.
How do I get from my React app in localhost:3000 to my django admin page in localhost:8000 without needing to log in again?

Yes, it's possible. You can use the authenticate function to authenticate your request, so when you come back from your 3rd-party authentication page you get your response (success or failed), run the authenticate function, and now your user will be logged in... this is kind of a dirty way to do that...
You can also write your own authentication method and set it up in your settings:
https://docs.djangoproject.com/en/2.0/topics/auth/customizing/

Related

Frontend receives 403 error when logged in if Django admin is also logged in

I'm trying to understand if I can be logged in as a user in both the Django admin and the frontend at the same time in development mode. For some reason both won't work.
If I log out of the admin I can request data and do some CRUD operations in the frontend.
If I'm logged in to the admin and logged in to the frontend, all CRUD-like operations receive a 403 error.
I'm using Django (backend), Nuxt (frontend) and Docker.
What do I need to do in order to have both logged in and working on data?
Is the auth token set in the cookie? Try setting up an alias for localhost so that you can store cookies from 2 "different" hosts.
https://www.techwalla.com/articles/how-to-change-your-local-host-name
So one tab on localhost:8080 and one tab on myfakedomain.com:8080.

Ping Identity switch user

Here at my company we started using Ping Federate as our identity provider; this is linked with AD for user info and so on.
The login works via the OAuth page, and this works great: I can log in, do things, and when my access_token expires it gets refreshed and I can continue without the user even noticing it.
But now I got a request from one of the users asking if he could switch logins.
But this isn't possible, because when I click login, the PingFederate popup that gets fired doesn't ask for the credentials; it just continues and uses the last credentials.
However, when I clear my cookies and log in, it asks for the credentials again, but I can't ask the users to clear all their cookies whenever they want to switch users.
I tried clearing the cookies of the PingFederate domain when I log out, but no luck:
me.$cookies.remove('PF', {domain: 'federation.xxx.com'});
Does anybody else have an idea what I can do to make this work?
You should be able to use PingFederate's logout features to achieve what you're after.
If you're using just the HTML Form Adapter to log in users, then you can configure a logout path in your adapter instance that you can ask users to go to in order to log out. See "Logout Path" here: https://support.pingidentity.com/s/document-item?bundleId=pingfederate-93&topicId=ttq1564003023121.html
Alternatively you could enable single logout (SLO) which will trigger a logout at all adapters or other authentication sources the user may have logged in to. For more details, see:
https://support.pingidentity.com/s/document-item?bundleId=pingfederate-93&topicId=php1564002958041.html
https://support.pingidentity.com/s/document-item?bundleId=pingfederate-93&topicId=pqn1564002990312.html

EmberJS - Handling 3rd party redirect authentication

I'm using ember-simple-auth for my Ember app, but I don't have an API endpoint to authenticate users; rather, it does a page redirect to the form and signs a user in, then redirects back to my app. (I don't own the authentication.)
After authentication, it gets redirected back to me, so I know on the server side when a user has been successfully authenticated. How do I manually authenticate the user's session when they are redirected back to my app?
Currently I did a hack to write two cookies: ember_simple_auth:access_token and ember_simple_auth:authenticator.
I think setting up the session store manually is an ok solution in this scenario as that will trigger the session to be restored after the redirect (which is on startup of the Ember application). I'd maybe configure a custom authenticator that redirects to the external login page in the authenticate method. That way you have that redirect centralized and it will also be triggered automatically whenever Ember Simple Auth automatically enforces session authentication (e.g. from the AuthenticatedRouteMixin).

How do I log a user out of my FB app but not Facebook site?

I am using Facebook login integration on my ASP.NET site. What I want is that when a user logs off the site, I want him to also log off the FB application, but not Facebook itself. If I call FB.logout(), it logs off FB as well as the app.
I guess what I want is to lose the access_token cookie for the app, but I can't figure it out.
FB.api({ method: 'Auth.revokeAuthorization' });
I don't think that is possible, as the login for both the application and FB is done using FB credentials.
In case you want to de-authorize the user from your application you can issue an HTTP DELETE request to /PROFILE_ID/permissions to revoke authorization for an app.
I'm not sure this is a good idea. Even if you removed the session for your website, if they are still logged into Facebook, they may as well still be logged into your website. They are essentially the same thing. You need to log them out of Facebook to ensure their security on your site; otherwise it just takes someone sharing the PC, or cookie sniffing, to get access to their account on your site.
Edit: also, if you just want to delete the cookie, you can simply do this with JavaScript.

Django redirect to previous page after external OAuth login

I am using Twitter OAuth to login users. The login takes users to Twitter and upon successful OAuth returns them to a specified url. From this url I would like to redirect users back to the page they were on before logging in.
What is a good way to do this?
Two ways:
Craft your OAuth URL so it sends them back to the right page, or at least says next=url in the querystring. This is most reliable but can break (and does look ugly, but who's copying and pasting OAuth URLs anyway?).
Store a session value containing the last requested "real" page. I say "real" like that because I don't count any auth/registration pages as real. So on every hit, check what URL they're on; if it's not auth-related, store it in the session. When they hit your OAuth-success page, redirect them to the session value. You can do this in a context processor or some middleware. Requires cookies, and logout will nuke it.
I am using a redirect URL in the Twitter auth URL and it's working for me.
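The two Django threads above (the first answer's "run authenticate when you come back from the 3rd-party page, or write your own authentication method", and the later answer's "send them back to the right page via next= or a session value") share the same callback logic. The following is an added example, not code from either thread or from Django itself: it sketches the external-login round trip as a plain-Python module so it runs stand-alone. It assumes a hypothetical identity-provider authorize URL, client id and callback URL, an in-memory user table standing in for the User model, and an `exchange_code` callable standing in for the code-for-token exchange; `ExternalIdBackend` only mirrors the `authenticate`/`get_user` shape of a Django backend and does not import Django. The points it adds over the answers are the ones a reviewer would ask about: the `state` value is bound to the session and compared in constant time before the callback is trusted, and the post-login `next` destination is validated so the parameter cannot be turned into an open redirect.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit

# Assumed identity-provider and client settings (hypothetical values).
IDP_AUTHORIZE_URL = "https://idp.example.com/authorize"
CLIENT_ID = "django-admin-client"
CALLBACK_URL = "http://localhost:8000/auth/callback/"
# Hosts that a post-login "next" URL may point at (same idea as ALLOWED_HOSTS).
ALLOWED_HOSTS = {"localhost:8000"}
LOGIN_URL = "/admin/login/"
DEFAULT_NEXT = "/admin/"

# Constructed stand-in for the User table: IdP subject id -> local user.
USERS_BY_EXTERNAL_ID = {
    "idp|alice": {"pk": 1, "username": "alice", "is_staff": True, "is_active": True},
    "idp|bob": {"pk": 2, "username": "bob", "is_staff": False, "is_active": True},
}


def safe_next(next_url, default=DEFAULT_NEXT):
    """Accept a post-login destination only if it stays on our own site.

    Rejects absolute URLs to other hosts, non-http(s) schemes such as
    javascript:, protocol-relative URLs (//evil) and the backslash variant
    (/\\evil) that browsers treat the same way, so next= is not an open redirect.
    """
    if not next_url:
        return default
    parts = urlsplit(next_url)
    if parts.scheme or parts.netloc:
        if parts.scheme in ("http", "https") and parts.netloc in ALLOWED_HOSTS:
            return next_url
        return default
    if next_url.startswith("/") and not next_url.startswith(("//", "/\\")):
        return next_url
    return default


class ExternalIdBackend:
    """Same shape as a Django authentication backend (authenticate / get_user),
    written without importing Django so this file runs stand-alone. A real
    backend would query the ORM and be listed in AUTHENTICATION_BACKENDS."""

    def authenticate(self, request, external_id=None, **kwargs):
        user = USERS_BY_EXTERNAL_ID.get(external_id)
        # No auto-provisioning: only existing, active users may sign in here.
        if user is None or not user["is_active"]:
            return None
        return user

    def get_user(self, user_id):
        return next((u for u in USERS_BY_EXTERNAL_ID.values() if u["pk"] == user_id), None)


def begin_login(session, next_url):
    """Build the redirect to the IdP. A random state is stored in the session
    together with the already-validated destination, so the callback can be
    tied to this browser and nobody can inject their own next= later."""
    state = secrets.token_urlsafe(32)
    session["oauth_state"] = state
    session["oauth_next"] = safe_next(next_url)
    query = urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": CALLBACK_URL,
        "state": state,
    })
    return f"{IDP_AUTHORIZE_URL}?{query}"


def complete_login(session, query_params, exchange_code):
    """Handle the IdP callback. Returns (user, redirect_to).

    exchange_code(code) stands in for the back-channel token exchange and
    returns the IdP's subject identifier, or None if the code is bad.
    """
    expected_state = session.pop("oauth_state", None)
    next_url = session.pop("oauth_next", DEFAULT_NEXT)
    received_state = query_params.get("state", "")
    # A missing or mismatched state means this callback was not started by
    # this session (login-CSRF); compare in constant time.
    if not expected_state or not hmac.compare_digest(
        expected_state.encode(), received_state.encode()
    ):
        return None, LOGIN_URL
    subject = exchange_code(query_params.get("code", ""))
    if subject is None:
        return None, LOGIN_URL
    user = ExternalIdBackend().authenticate(request=None, external_id=subject)
    if user is None:
        return None, LOGIN_URL
    # In a Django view this is where django.contrib.auth.login(request, user)
    # goes; the admin itself still requires is_staff on the returned user.
    session["_auth_user_id"] = user["pk"]
    return user, next_url
```

Wiring this into the question's setup would mean a `/auth/login/` view that calls `begin_login(request.session, request.GET.get("next"))` and returns a redirect to the result, and a `/auth/callback/` view that calls `complete_login` and redirects to the second return value. The session-stored destination is what makes the later answer's "store the last real page in the session" approach safe: the value was validated when it was stored, and it is consumed (popped) on the callback, so a stale or forged `state` cannot replay it.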