I'm following a tutorial in which we are using https://django-registration-redux.readthedocs.io for registrations redux settings.
Since the tutorial is from 2015 I wanted to check if Djnago had more robust built in features for this, or if going with a 3rd party app such as the one linked to above was still a good choice.
You can check django-allauth, it is stable and active. It offers local registration and as well as social authentication for many providers. For more registrations packages you can check this grid.
Related
I am a nodejs developer but currently migrating to django(being a python lover). I am trying to implement OAuth2 in Django Rest Framework but I don't know how to start.
In nodejs, there is passportjs library which is well maintained, and it's got stratigies for every possible authentication type. What about django rest framework ? User name/password auth seems straightforward but oauth2 is not well covered.
In DRF docs here, It mentions two libraries for oauth. The first is django-oauth-toolkit which is well maintained but after going through docs, I didn't seem to understand much, it doesn't even talk about googl/facebook oauth. I am not sure what it is used for, anyway. The second one is django-rest-framework-social-oauth2 which seems to be straightforward but it's not been touched for over a year, it's probably not maintained any more.
So, How do you guys do oauth2 in your DRF projects ?
I hope you have solved this already. You can check my repo: It offers a simple way of authenticating against major ouath2 vendors. Here it is https://github.com/wagnerdelima/drf-social-oauth2.
You can also check my other repo https://github.com/wagnerdelima/facebook_setup. It integrates https://github.com/wagnerdelima/drf-social-oauth2 as an example to make it easy for newcomers.
I want some advice on choosing right package in a REST Api django project
For authentication:Which one of below I should choose ?
django-oauth-toolkit: seems to be the most robust and recommended oauth library for DRF. This do not have account management. How can i implement account management with this package? If yes, can I get some guide.
django-rest-auth: API endpoints for authentication, and basic account management for DRF. But seems not as robust as django-oauth as django-oauth allows token expiery etc. or i am missing some feature of rest-auth
For authorisation: I will be going for django-guardian over django-role-permission. Later seems more like back end utility to control user roles.
My deep desire is to use oauth-toolkit but it does not have basic user management. On the contrary rest-auth has user management but lacks (seems to be) roubustness of oauth.
Please help me make a choice.
I came to understand that DRF supports builtin support for OAuth2 and provides token utilising 'provider.oauth2'dependency hence django-oauth-toolkit could be avoided just in case.
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.OAuth2Authentication',
),
Thanks every one for your interest.
Django rest auth amounts to a small set of API views around django-allauth which is (according to github usage stats) much more used than oauth-toolkit.
allauth is pretty great and has a long list of available providers. Adding a new one is very easy and can nearly be completed 100% through the admin interface.
rest_auth essentially wraps django allauth to make it available via API. Where rest_auth falls short, it is fairly easy to implement what you need to work directly with allauth. If you need jwt support with rest_auth they recommend another 3rd party library.
The biggest problem with rest_auth we've run into is that the documentation is just OK and there are many open issues in the repo that should be closed with more clear resolution, there is a lot of misinformation in the issues.
Looking forward to resolving some of that confusion by inquiring as to the State of rest_auth
As far as your need for user management goes, django user management is robust as is.
I'm looking for a quick books oauth implementation in my app, i was wondering if there are any third party libraries which i can make use of instead of implementing on my own. I don't see a sample sdk for django in their website.
Have you checked django-quickbooks?
I'm confused very much, because django-social-auth and python-social-auth seem to be the same, but they are not. In fact python-social-auth is based on django-social-auth.
Now I can't find any resource that compares those two by any means. I can't even find a statement in the python-social-auth docs why they made their own project instead of just working with django-social-auth.
For my project I need to settle on one of those two. Can you give me any help to make this choice?
Think you for your time.
django-social-auth has been deprecated in favor of python-social-auth. It even says this in the django-social-auth README.
python-social-auth was built using django-social-auth as a foundation. The main advantage/difference is that it now supports multiple frameworks.
the newest version is the python-social-auth, and django-socail-auth has been depricated.
python-social-auth is very modular library looking to provide the basics tools to implement social authentication / authorization in Python projects. For that reason, the project is split in smaller components that focus on providing a simpler functionality. Some components are:
social-auth-core Core library that the rest depends on, this contains the basic functionality to establish an authentication/authorization flow with the diferent supported providers.
social-auth-storage-sqlalchemy, social-auth-storage-peewee, social-auth-storage-mongoengine Different storage solutions that can be reused accross the supported frameworks or newer implementations.
social-auth-app-django, social-auth-app-django-mongoengine Django framework integration
social-auth-app-flask, social-auth-app-flask-sqlalchemy, social-auth-app-flask-mongoengine, social-auth-app-flask-peewee Flask framework integration
social-auth-app-pyramid Pyramid framework integration
social-auth-app-cherrypy Cherrypy framework integration
social-auth-app-tornado Tornado framework integration
social-auth-app-webpy Webpy framework integration
I was hoping to get some suggestions on some best approaches to develop a multi tenant Django project on Google AppEngine.
Some Thoughts to Consider.
I would assume using djnago.contrib.sites is a must.
I would like to use existing applications such as django-profiles and django-registration, I know their models would need porting.
Can multiple domains be pointed to the GAE App and the site be automatically chosen from the request headers?
IF not multiple domains, is there a way to say take a request say to www.example.com/tenantA/login and www.example.com/tenantB/login and push them to one view but with knowledge tennant without changing all the views, maybe using custom managers to hide the complexity from the views.
Generally hoping this will be a discussion of any approaches you have taken in the past or plan to take.
Looking forward to any Comments/Answers.
Regards
Mark
I can answer the App Engine questions for you, though I don't know the Django ones:
Yes, anyone can point a domain to your app using Google Apps, with the 'add services' option, entering your App ID when prompted. You can then check the 'Host' header to determine what site you want to use.
You can hide information per-tenant by using hooks to automatically insert the host in entities and queries: http://code.google.com/appengine/articles/hooks.html
Today Google released SDK 1.3.6, which includes multi-tenancy baked right into the solution.
http://googleappengine.blogspot.com/2010/08/multi-tenancy-support-high-performance_17.html