I am working on what might become a sort-of kiosk app. I am new to python and django but it is rolling along. My allauth flow for signup uses either a social login (Google for the moment) or a "local" email address & password.
If I login with a Google account then logout I am redirected to the sign-in page, cool. The thing is I have not really been logged out of the Google account. If I click the social login link then I am back in the user area with no password challenge.
Does allauth have a way to logout and have the social auth token removed? Do I need to catch the logout signal and find/delete the token myself?
Looks like there is a built-in solution. There is an action parameter that can be given the value "reauthenticate". Being new to this stuff I am not positive that I have added it in the python/django way but I have edited the template:
myProject/templates/allauth/socialaccount/snippets/provider_list.html
and added action=reauthenticate" to the social auth href line a la:
{% load socialaccount %}
{% get_providers as socialaccount_providers %}
{% for provider in socialaccount_providers %}
{% if provider.id == "openid" %}
{% for brand in provider.get_brands %}
<li>
<a title="{{brand.name}}"
class="socialaccount_provider {{provider.id}} {{brand.id}}"
href="{% provider_login_url provider.id openid=brand.openid_url process=process action='reauthenticate' %}"
>{{brand.name}}</a>
</li>
{% endfor %}
{% endif %}
<li>
<a title="{{provider.name}}" class="socialaccount_provider {{provider.id}}"
href="{% provider_login_url provider.id process=process scope=scope auth_params=auth_params %}">{{provider.name}}</a>
</li>
{% endfor %}
That seems to do the trick.
Related
in the web site that i'm working on , I have an authetication system and I'm using django allauth at the same time so the user can login with his gmail or facebook account if he wants . how can I check in the template if the user has logged in with his facebook/gmail account ?
i want somthing like this
{% if user not 'use his facebook or gmail' %}
<a href="{% some url %}">
<button type="button" class="btn btn-primary" data-dismiss="modal">somthing </button>
</a>
{% endif %}
i've found this and it has done what I needed
{% load socialaccount %}
{% get_social_accounts user as accounts %}
{% if accounts %} "if the user has logged in using his facebook account or his google account"
"do somthing here"
{% endif %}
for more details check the documentation of django-allauth
for future readers, in view.py you do can something like this to detect if user is a social user or not
is_social = user.socialaccount_set.exists()
it returns True if your logged in with facebook/google/...
else it return False
I need the search result to be validated together with the statement that it is a query inside the template.
So if the user is searching for another user and this user does not exist, it returns nothing. otherwise it returns the username of the user.
If request.user just checks the user that is logged in.
something like this
{% if request.GET.q and request.GET.q.is_authenticated %}
but this does not work :D Thank you
Can I use is_authenticated or is there a better way?
<li class="dropdown-hover">
<form class="form-inline">
{% include "tweets/search_form.html" %}
</form>
{% if user in request.GET.q.is_authenticated %}
<div class="dropdown-content x-card-4 x-bar-block" style="width:300px">
<a href='{{ request.GET.q }}'>{{ request.GET.q }}</a><br/>
{% else %}
<div class="dropdown-content x-card-4 x-bar-block" style="width:300px">
<a href='#'>No users found</a><br/>
{% endif %}
</li>
Thank you for any help
There is a better way, just do {% if request.user.is_authenticated %}.
you need to add loginRequiredMixin in your class so it allow to perform tasks only if user is logged in otherwise it redirect to login page.
#andre If you want to show/hide html tags in a template to the guest/logged-in user, you can use this {% if user.is_authenticated %} or you want to show some pages to the logged-in user #tabish-manzoor's solution is great.
I have problems making actual User instance when using django-allauth.
I let users to login with other SNS account, and then It creates sociall accounts, not User instance on server.
And this 'all-auth' is also a problem. I read many lines of official docs and code but I can't even guess how it works.
{% load socialaccount %}
<ul>
{% for provider in providers %}
<li>
{% if provider.social_app %}
{{provider.name}}
{% else %}
<a>Provider {{ provider.name }} is not ready yet</a>
{% endif %}
</li>
{% endfor %}
</ul>
It's all I typed. (beside starting setups).
I click that provider_login_url, it goes to social login, my social account is authorized and I get logged in to may service.
I want to know how it works internally.
And how to make User instance that I can see and manage on my admin page.
I am having problem with facebook login app integration the problem is
'auth' is not a registered namespace
the problematic part is the:
<p>
{% if user and not user.is_anonymous %}
Hello {{ user.get_full_name|default:user.username }}!
{% else %}
I don't think we've met before
{% endif %}
</p>
Login
Logout
I got that auth is not recognized but in the tutorial there were no problem with that. I am using django versio 1.9.5.
I have following code in my template:
<div class="account">
{% if request.user.is_authenticated %}
<a href="{% url settings %}"
class="iconed username">{{ request.user.username }}</a>
|
<a href="{% url logout %}?next={{ request.path }}"
class="iconed logout">{% trans "Logout" %}</a>
{% else %}
{% trans "Login" %}
|
<a href="{% url sign_up %}?next={{ request.path }}"
class="iconed sign-up">{% trans "Sign up" %}</a>
{% endif %}
</div>
As you can see, it shows different links depends on user logged in or not. It works fine if I test it by hands, but when I try to test it with following code:
def test_home_logged_in(self):
if self.client.login(username='Test', password='secret'):
home = self.app.get('/')
self.assertOK(home)
self.assertContains(home, '/settings/')
self.assertContains(home, '/logout/')
else:
self.fail("Couldn't log in.")
login() returns True, but test fails. I called showbrowser() for home object and see, that page that was returned, looks like page for anonymous user - it contains links to sign up and login besides links to settings and logout.
Is it correct to use *request.user.is_authenticated* in template to check if user is authenticated? Why template doesn't see that user was signed up from test?
Thanks!
Based on your other questions, I'm guessing you're using django_webtest. If so, you can specify to the request which user you want to be logged in as. So to access the homepage as user 'Test' you would do:
home = self.app.get('/', user='Test')
It is correct, but you need to have django.core.context_processors.request in settings.TEMPLATE_CONTEXT_PROCESSORS to make request accessible from templates.