I want a registration system that allows email conformations with all normal registration goodies. I will be using userena, this seems perfect.
Next, I need to allow users to link with their twitter accounts or to sign with their twitter account if they want.
So what are my options? I was looking at using django social. can the two be linked? or is there a better solution?
Thank you.
You may want to have a look at django-allauth over at http://github.com/pennersr/django-allauth -- it offers "all normal registration goodies" together with Twitter signin (and lots of others), all out of the box, with flows that just work.
Whether or not it is the better solution I will leave up to you to decide.
(Note: even though I am the author of allauth this answer is meant to be honestly helpful and is not to be regarded as a shameless form of self promotion)
Related
I've been trying to add a functionality to my app, so that uses can push the posts they create on my website to there Facebook, Twitter and G+ profiles.
So I decided django-allauth can be a good way to go about it. But what I want is users to Register and Login using Django's Authentication backend and once they are in the system then they can choose to Link their FB, Twitter and G+ profiles.
Is there a way to achieve this kind of functionality using django-allauth?
Given our comment discussion above, your original question was not what you were really after.
Still to provide an answer to that original question, provided someone else is interested: allauth now (*) supports an is_open_for_signup(self, request, sociallogin) method that you can override. It lives on the DefaultSocialAccountAdapter. Simply return false here to disable social signups.
(*) since https://github.com/pennersr/django-allauth/commit/6794afedcdeaafa907f1184772371f44e742514f
This issue is very common in stackoverflow, and there's a lot of different questions and answers about it, yet I couldn't find exactly what I need.
First, I'd like to define exactly what I need: the option to let users log in to my app using their Facebook credentials. The app will save a matching classic Django user. I will only need to use the user's profile picture and to make sure that each time the same Facebook user will be related to the matching Django user.
Unfortunately, I find it really frustrating to implement for the following reasons:
By now, after reading a lot, I couldn't find out what is the best package for this task.
Some people recommend django-social-auth and praise its functionality and documentation. Personally, I don't understand why, since it's not specifically for Facebook and there are no explanations about the client side, i.e the Facebook login button and how the whole flow works.
When you go to Facebook developers, you suddenly find yourself reading about some magical javascript sdk, and about a promise that that's all you need. Then you get frustrated again and can't understand how a client side related sdk can sign up users to your app.
I know developers somehow implement Facebook auth packages in their apps, but I just can't figure out how to do it.
If anyone could tell me: at this time point, what is the best way to add Facebook authentication to my Django app? I would also ask for detailed documentation / tutorial that explains how to log in a Facebook user, from settings and configuration level through signup to Django app and to client side code.
There are multiple ways to approach the problem, what is the "best" way is really subjective.
Subjectively speaking, you could opt for django-allauth. Here are a few pointers to help you get started:
If you want to keep the signup simple, set SOCIALACCOUNT_AUTO_SIGNUP to True in order to achieve a "no questions asked" login. Users simply approve the FB dialog and they end up logged in in your site right away.
Adding a login button to your template is merely a matter of:
Sign In
The app offers support for the JS SDK login (pro: users are accustomed to the typical FB popup that appears), or you can use your own OAuth flow. Whatever you please.
The fastest way understand FB's Oauth 2.0 flow is to play with FB's Javascript SDK. Once you get the hang of it, the FB's PHP library is similar. Also, other OAuth sites like Google, Twitter or Dropbox have almost identical implementation.
In baby steps:
Learn how to install FB Javascript SDK onto a simple page
Use FB.login to determine login status and obtain the login url.
Lastly, use FB.Event.Subscribe and subscribe to auth.statusChange to detect the login/logout changes.
Also, good to check out https://developers.facebook.com/roadmap/ on the upcoming features or features being removed.
django-social-auth is not just for Facebook, but that doesn't mean you should use all the backends available.
Project documentation is at http://django-social-auth.readthedocs.org/en/latest/index.html and Facebook backend details at http://django-social-auth.readthedocs.org/en/latest/backends/facebook.html.
Before I post my question I would like to tell you that I'm aware of few excellent django packages out there for twitter and facebook integration:
Django-Facebook
django-social-auth
django-allauth
So, here's my question:
What I want?
I want to:
Allow users to registration via facebook and twitter. (easy to implement using any of above).
Allow multiple social accounts integration into one user account. (I think both #2 and #3 can do it.)
Create profile from facebook or twitter data (needs extended permissions in case of fb). So, it means we also need to access data from facebook and twitter.
Allow user to post to facebook and twitter from django app (activity as well as via forms).
Inviting and Finding facebook friends (#3 can do it.)
Provide same functionality as facebook app. (#3 can do it.)
Post to user's owned facebook page. (I'm not sure if #3 can do it.)
What I think
If I had to deal with facebook only then I think Django-Facebook answers almost all of my questions. But since I also want to support twitter I'm not sure what I should do. All I can think of:
Django-Facebook for facebook + django-social-auth or django-allauth for twitter. I'm not sure if this combination can work. Please let me know if you tried anything like that.
django-social-auth or django-allauth only if any of these can provide aforementioned facebook functionality as well.
[Edit:] Actually I'm looking for answers to both of the following questions:
If I choose to use django-social-auth only then can somebody point me to the samples/code snippets for interacting with facebook and twitter.
If I want to use Django-Facbook (because it provides lot of functionality), can I choose it for facebook and django-social-auth (or django-allauth) for twitter only. I mean to say everything related to facebook using Django-facebook and everything related to twitter using social-auth or allauth. Will this combination work?
Thanks for your valuable suggestions in advance.
django-social-auth is concerned with its namesake: authentication. The first 3 items in your list deal with authentication (plus profiles), so I'd use django-social-auth for those.
The rest are interactions with the various services and would best be served by other libraries like the one you mentioned (django-facebook etc.). django-social-auth will take care of access tokens and permissions, so you can use these in conjunction with the other apps to perform API operations.
I want to implement Facebook connect login for my Django site and I've checked the already existing apps.
So far, I have found Django-Socialauth, django-socialregistration, and django-facebookconnect for this purpose.
The question is which one to choose, and I would like to hear from other developers who have experience with any of these apps.
It is important for me that the Facebook Connect login app plays nicely with #login_required, with the default auth system, and with django-registration.
Please share your experience :)
Update (11/26/2013): I'm updating my recommendation. Since a sufficient amount of time has passed since I wrote this answer, I would recommend python-social-auth or django-allauth as the best tools for the job. They are active projects with good documentation and support for a lot more than just Facebook. I've had success using both.
I have had the most luck with adapting django-socialregistration with django-registration (0.8). Since you're working with django-registration, you're going to have to do a little bit of work, since all three of those packages assume the role of both the creation and the authentication of the user.
I was just going to explain what needed to be done, but you inspired me to finally get my version out: hello-social-registration.
Like I alluded to, it separates gives the registration functions to a django-registration backend and handles all the authorization itself. I've been using this on my near-beta application for a while now with no problems (I also handed it to a friend to use a few months ago and he got it to work without much modification).
It's definitely not ready to be a plug-and-play reusable application, yet, but hopefully it'll provide you with some insight. :)
By far the most commonly used package for Facebook authentication in Django is Django Facebook:
https://github.com/tschellenbach/Django-facebook
It also gives you access to the facebook APIs using the included Open Facebook api client.
I wanted to implement a basic "Login using Facebook" functionality in my Django app. I didn't want to show the user a form to fill or have her choose a password. I preferred to make it seamless.
Based on my requirements, django_facebook_oauth was the best app for me. It simply allows the user to login using facebook, and gets the user info my Facebook app requests from her (based on my Facebook Auth Dialog). It creates a new user in Django with the user's facebook email, a username and a blank password.
I highly recommend it.
Hi Take a look at fbconnect app that we (actually, Hernani, a guy on our team) put together for osqa (a clone of CNPROG).
You will have to, probably, tinker a bit to adapt that to your needs. It does work with #login_required decorator and the standard django.contrib.auth system, but we do not use django-registration.
Our app also works with openid and password login, but the openid part is tightly coupled with the Q&A component at present.
We may separate it though some time in the future, if anyone might be interested in "anything-signin" django pluggable app or has something better already - pls let us know.
I've used django-allauth and django-facebook on two different projects.
django-allauth was great and provided very good support for logging in and creating user profiles. It could also work with other auth providers, which I didn't implement.
django-facebook worked out of the box, but it's only compatible with Facebook. It also provided simple APIs for fetching users' likes and friends from Facebook directly into the db, which I liked very much!
facebook.get_and_store_likes(user)
facebook.get_and_store_friends(user)
I played with .NET based libraries and found them to be frustratingly out of date. Facebook seems to change their APIs frequently, so if you cannot find a library that is routinely maintained, you will find that you will get halfway through your implementation before you realize that there are serious problems.
I had some success with the javascript API that Facebook publishes and maintains. While the documentation may not be always up to date, I found that I was always within striking distance of the correct implementation (one or two changes needed).
Just fishing for ideas here.
Do any of the major template presentation frameworks (such as Smarty, Django) have prebuilt login/security handling? I want to save time on the security handling because it will consume a lot of time to worry about that. I want to build a site from ground up but I dont really want to go so far as starting with a completed content management system like Joomla or Drupal... thats way overkill. I prefer Java, C#, or PHP and I want to start from as close to "scratch" as I can.
Yes, Django has a complete authentication/authorization framework - see the docs here.
For registration, James Bennett's add-on project django-registration is excellent and popular.
Edited after comment: Django itself supplies the mechanism for allowing admins to create user credentials, storing them in the db, validating them on login, and restricting access to areas of the site based on privileges.
django-registration provides the mechanism for a user to sign up for a username via the site, via an email with a one-time confirmation URL which sets the login up as valid. There are various other plug-in projects which provide variations on this userflow, which may be useful depending how you want your site to work.