I got my application up and running, integrated with facebook login.
Nevertheless, what is annoying me is that when I am connecting with facebook, it redirects me to www.facebook.com where I must enter my facebook password. Afterwards, I get redirected to homepage.
Can't I simply connect to facebook without redirecting to fb and asking for password? It is the behaviour I have seen to other sites where I am loging in with my facebook account. I am not prompted to introduce the password.
Is there any setup that I am missing?
You probably has set the auth_type param to 'reauthenticate' that makes facebook to asks the person to re-authenticate unconditionally.
Try to remove this param from your SOCIALACCOUNT_PROVIDERS setting:
SOCIALACCOUNT_PROVIDERS = {
'facebook': {
'SCOPE': ['email',],
'AUTH_PARAMS': {}, # Leave this empty
'METHOD': 'oauth2'
}
}
Hope this helps you.
Related
I am attempting to create Reset Password functionality using Djoser. I am successfully hitting my API's auth/users/reset_password/ endpoint, which is then sending an email as expected. But the problem is occurring in the content of the email. It is sending a redirection link to my api, rather than to my frontend.
Please note, any <> is simply hiding a variable and is not actually displayed like that
Here is an example of what the email looks like:
You're receiving this email because you requested a password reset for your user account at <api>.
Please go to the following page and choose a new password: <api>/reset-password/confirm/<uid>/<token>
Your username, in case you've forgotten: <username>
Thanks for using our site!
The <api> team
The goal with this email is to send the user to the /reset-password/confirm/ url on my frontend, not on my api, which is currently occurring.
Here are my DJOSER settings:
DJOSER = {
'DOMAIN': '<frontend>',
'SITE_NAME': '<site-name>',
'PASSWORD_RESET_CONFIRM_URL': 'reset-password/confirm/{uid}/{token}',
}
The expected behavior is for the DOMAIN setting to alter the link that is being placed in the email, but it is not. I can't seem to find reference to this particular problem within the docs.
Any help here would be greatly appreciated, thanks.
I figured it out:
Due to Djoser extending the package django-templated-mail, the variables DOMAIN and SITE_NAME have to override django-templated-mail setting rather than Djoser's setting. So, you have to pull variables specific to django-templated-mail out of the Djoser variable.
The working setup actually looks like:
DOMAIN = '<frontend>',
SITE_NAME = '<site-name>',
DJOSER = {
'PASSWORD_RESET_CONFIRM_URL': 'reset-password/confirm/{uid}/{token}',
}
Reacntly, I have a project that login our website with facebook jsut like the stackoverflow!
limits:
I can't open a new window! so the function FB.loigin() was dropped!
FB.login(function(response)
{
if(response.status == 'connected'){
}
},{scope: 'email'});
So, I only can use the way of <<Manually Build a Login>> Flow to guild user to login in!
But,when I set redirect_uri like this one:
xxx&redirect_uri=https://www.facebook.com/connect/login_success.html
when user input the username and password! they redirect to
facebook.html/contact/login_success.html
can't redirect to my page!!!
SOS!!!
I want to pass info to React about the current authenticated user within an app that only uses social authentication on the backend (that is processed by social_django). All of my user and user token info is stored within django REST, and to access the tokens, I normally have to send POST requests to rest_framework.authtoken's obtain_auth_token view. My django root urls.py file looks like:
...
from rest_framework.authtoken.views import obtain_auth_token
urlpatterns = [
...
url(r'^obtain-auth-token/$', obtain_auth_token),
...
]
However, in order to actually get the auth tokens associated with the users in my database, I need to supply the username and password within my POST request. Social authentication automatically creates new users without assigning any passwords, so how do I get those tokens?
Have you got this working? If no, here is what I did. Hope it helps.
My Setup:
Django with Postgres
Django Rest Framework for REST API implementation
Python Social Auth (PSA) for Social Authentication (For now using Google+ libraries)
Reactjs frontend
While using Login for login, it translates to /login/google-plus/. This not only get's the acess_token but also creates a "social user" in your database. I used oauth 2.0 client side libraries in my case and roughly followed this approach to fetch the google user object with all the details on the client side. I replaced form in above link with ajax call which is more flexible and gives control to me to access tokens and other information necessary. The ajax call here ensures creation of social user in social auth table within the database.
<script type="text/javascript">
gapi.load('auth2', function () {
let auth2;
auth2 = gapi.auth2.init({
client_id: "YOUR CLIENT ID",
scope: "profile",
cookie_policy: 'single_host_origin'
});
auth2.then(function () {
let button = document.getElementById("google-plus-button");
auth2.attachClickHandler(button, {}, function (googleUser) {
// Send access-token to backend to finish the authenticate
// with your application
let authResponse = googleUser.getAuthResponse();
$.ajax({
"type": "POST",
"url": "/complete/google-plus/",
"data": {
"access_token": authResponse.access_token,
"CSRF": "{% csrf_token %}"
}
}).then(function(data){
console.log(data);
// Your success code
}).fail(function(error){
console.log(error);
});
});
});
});
</script>
Once you fetch the access_tokens you can store them in browser local storage till the user logs out. On log out you can delete them.
This method works well for me for the setup I mentioned. Also the problem of querying /obtain-auth-token with username and password is not there at all.
Would definitely be interested to know if there are other ways of accessing social auth tokens from PSA django. Cheers!
Im using Google tutorial to get access token for my web application. but in the following steps:
Your web application redirects the user to Google Authorization page
User grants your web application access
Google redirects the user back to your web application and returns an authorization code
I dont know how to get this authorization code ? actually in my python code I dont know how to get "auth_code"
data = urllib.urlencode({
'code': auth_code,
'client_id': client_id,
'client_secret': client_secret,
'redirect_uri': redirect_uri,
'grant_type': 'authorization_code'
})
I found my solution :)
I should past this url in my browser and get the code
print '%s?client_id=%s&redirect_uri=%s&scope=%s&response_type=code' % \
('https://accounts.google.com/o/oauth2/auth',
clientID,
redirect_uri,
'https://www.googleapis.com/auth/fusiontables')
I need to share a page from my php website to user's facebook wall. If user is not logged into facebook, my website redirects to the facebook login page using
$user = $facebook->getUser();
if($user) {
$result = $facebook->api(
'/me/feed/',
'POST',
array('access_token' => $this->access_token, 'link'=>'google.com', 'message' => 'Test link')
);
$this->Session->setFlash('Your link has been succesfully posted on your wall');
$this->redirect($this->referer());
}else {
$login_url_params = array(
'req_perms' => 'publish_stream',
'redirect_uri' => 'localhost/pictrail' //thts the same path I gave to my facebook app
);
$login_url = $facebook->getLoginUrl($login_url_params);
header("Location: {$login_url}");
exit();
}
So, when the user is not logged into facebook .. it redirects to facebook for the user to log in, afterwards it redirects to localhost/pictrail regardless of the url i put in there. I want to redirect it to say localhost/pictrail/images/param ... how can i achieve this? I tried 'localhost/pictrail/images/99' but it didn't work. Everything works fine when the user is logged into facebook.
You cannot redirect from Facebook to localhost as it's not a valid address.
The way that I got around this, for development, was to edit my hosts file and replace the domain with my local ip.
www.example.com 127.0.0.1
Then you can redirect to www.example.com from your Facebook app and it will render your local development version.
Be sure to add this domain to your local server's vhost or similar.
Sorry I misread your question. To change the Facebook redirect url you need to change it in your Facebook app. So you'd have to pass a custom field through to Facebook and then tack it back on afterwards.
Have a look through this, https://developers.facebook.com/docs/authentication/server-side/