I've been trying to add a functionality to my app, so that uses can push the posts they create on my website to there Facebook, Twitter and G+ profiles.
So I decided django-allauth can be a good way to go about it. But what I want is users to Register and Login using Django's Authentication backend and once they are in the system then they can choose to Link their FB, Twitter and G+ profiles.
Is there a way to achieve this kind of functionality using django-allauth?
Given our comment discussion above, your original question was not what you were really after.
Still to provide an answer to that original question, provided someone else is interested: allauth now (*) supports an is_open_for_signup(self, request, sociallogin) method that you can override. It lives on the DefaultSocialAccountAdapter. Simply return false here to disable social signups.
(*) since https://github.com/pennersr/django-allauth/commit/6794afedcdeaafa907f1184772371f44e742514f
Related
I have started to use python-social-auth in a django project to authenticate the users from facebook, email, and potentially other sources.
I was able to integrate it to my project, and to create new users with both facebook and email.
I understand the concept of pipeline but something remains unclear to me:
How to differentiate login and signup? It seems to me that python-social-auth has a single pipeline for both login and signup actions.
I have implemented a signup and login (with email) template but for now, both submit the form to the url '/complete/email/'.
My loggin form only sends an email and a password but this creates a new user if the email does not allready exist.
How would you differentiate both use cases? Should I use the python-social-auth pipeline only for signup and implement a login view for my "log in with email" page as I would do if I were not using python-social-auth?
Thanks for any answer, experiences on how you did it or further explanation about python-social-auth concepts.
So my solution was to switch back to standard django-style login-signup for the email backend.
I found that it was easier for me to implement the workflow with two different forms and handling cases where user already exist and so on.
If you did it with python-social-auth, I would still be interested to hear about your solution but for now i'll use it for other authentication sources, where it pretty much works out of the box as I want it!!
We are building a Django backend with an iphone app and also would like to allow login through web/mobile browsers.
The requirement is to be able to register and logon from the website/mobile browser and also through the iphone app. I have also integrated django-registration for registration, login, logout etc.
What would be the preferred approach so that register, login, logout can be doen through the iphone app as well as mobile browser?
The most discussed approach seem to be the following:
Use tastypie for a RESTful API(or any other framework for REST) ( In
this case, I assume that means create an api for register and login)
For iphone, use RESTKIT to call and authenticate the backend to
perform login, registration etc.
Security and ability to only see relevant data for the user is important in our case as the data is highly sensitive.
Any advice is much appreciated and surely will help others too.
Thanks in advance.
Neo
If you have already integrated django-registration on your website, then you don't necessarily need to add tastypie just for login,logout etc.
Check out the documentation for django-registration at https://django-registration.readthedocs.org/en/latest/quickstart.html#setting-up-urls. If you follow the steps for the default setup, that should provide you with URLs for login, logout etc. If the section on "Required Templates" doesn't make sense to you here, read more about django at http://www.djangobook.com/en/2.0/chapter04.html
Once you have these URLs, you can simply make use of the AFNetworking library on iOS to create HTTP requests to login / logout etc.
Typically, a django view for registration will serve GET and POST requests differently. If you make a GET request, it will format the registration form and display the HTML page. If you make a POST request, it will first extract the information required for registration from the request and create a new user. This will happen automatically for the web.
Making use of AFNetworking, you can create a view that shows the form locally and then makes the corresponding POST request once the user wants to register. The same procedure applies for login.
This issue is very common in stackoverflow, and there's a lot of different questions and answers about it, yet I couldn't find exactly what I need.
First, I'd like to define exactly what I need: the option to let users log in to my app using their Facebook credentials. The app will save a matching classic Django user. I will only need to use the user's profile picture and to make sure that each time the same Facebook user will be related to the matching Django user.
Unfortunately, I find it really frustrating to implement for the following reasons:
By now, after reading a lot, I couldn't find out what is the best package for this task.
Some people recommend django-social-auth and praise its functionality and documentation. Personally, I don't understand why, since it's not specifically for Facebook and there are no explanations about the client side, i.e the Facebook login button and how the whole flow works.
When you go to Facebook developers, you suddenly find yourself reading about some magical javascript sdk, and about a promise that that's all you need. Then you get frustrated again and can't understand how a client side related sdk can sign up users to your app.
I know developers somehow implement Facebook auth packages in their apps, but I just can't figure out how to do it.
If anyone could tell me: at this time point, what is the best way to add Facebook authentication to my Django app? I would also ask for detailed documentation / tutorial that explains how to log in a Facebook user, from settings and configuration level through signup to Django app and to client side code.
There are multiple ways to approach the problem, what is the "best" way is really subjective.
Subjectively speaking, you could opt for django-allauth. Here are a few pointers to help you get started:
If you want to keep the signup simple, set SOCIALACCOUNT_AUTO_SIGNUP to True in order to achieve a "no questions asked" login. Users simply approve the FB dialog and they end up logged in in your site right away.
Adding a login button to your template is merely a matter of:
Sign In
The app offers support for the JS SDK login (pro: users are accustomed to the typical FB popup that appears), or you can use your own OAuth flow. Whatever you please.
The fastest way understand FB's Oauth 2.0 flow is to play with FB's Javascript SDK. Once you get the hang of it, the FB's PHP library is similar. Also, other OAuth sites like Google, Twitter or Dropbox have almost identical implementation.
In baby steps:
Learn how to install FB Javascript SDK onto a simple page
Use FB.login to determine login status and obtain the login url.
Lastly, use FB.Event.Subscribe and subscribe to auth.statusChange to detect the login/logout changes.
Also, good to check out https://developers.facebook.com/roadmap/ on the upcoming features or features being removed.
django-social-auth is not just for Facebook, but that doesn't mean you should use all the backends available.
Project documentation is at http://django-social-auth.readthedocs.org/en/latest/index.html and Facebook backend details at http://django-social-auth.readthedocs.org/en/latest/backends/facebook.html.
Before I post my question I would like to tell you that I'm aware of few excellent django packages out there for twitter and facebook integration:
Django-Facebook
django-social-auth
django-allauth
So, here's my question:
What I want?
I want to:
Allow users to registration via facebook and twitter. (easy to implement using any of above).
Allow multiple social accounts integration into one user account. (I think both #2 and #3 can do it.)
Create profile from facebook or twitter data (needs extended permissions in case of fb). So, it means we also need to access data from facebook and twitter.
Allow user to post to facebook and twitter from django app (activity as well as via forms).
Inviting and Finding facebook friends (#3 can do it.)
Provide same functionality as facebook app. (#3 can do it.)
Post to user's owned facebook page. (I'm not sure if #3 can do it.)
What I think
If I had to deal with facebook only then I think Django-Facebook answers almost all of my questions. But since I also want to support twitter I'm not sure what I should do. All I can think of:
Django-Facebook for facebook + django-social-auth or django-allauth for twitter. I'm not sure if this combination can work. Please let me know if you tried anything like that.
django-social-auth or django-allauth only if any of these can provide aforementioned facebook functionality as well.
[Edit:] Actually I'm looking for answers to both of the following questions:
If I choose to use django-social-auth only then can somebody point me to the samples/code snippets for interacting with facebook and twitter.
If I want to use Django-Facbook (because it provides lot of functionality), can I choose it for facebook and django-social-auth (or django-allauth) for twitter only. I mean to say everything related to facebook using Django-facebook and everything related to twitter using social-auth or allauth. Will this combination work?
Thanks for your valuable suggestions in advance.
django-social-auth is concerned with its namesake: authentication. The first 3 items in your list deal with authentication (plus profiles), so I'd use django-social-auth for those.
The rest are interactions with the various services and would best be served by other libraries like the one you mentioned (django-facebook etc.). django-social-auth will take care of access tokens and permissions, so you can use these in conjunction with the other apps to perform API operations.
I want to implement Facebook connect login for my Django site and I've checked the already existing apps.
So far, I have found Django-Socialauth, django-socialregistration, and django-facebookconnect for this purpose.
The question is which one to choose, and I would like to hear from other developers who have experience with any of these apps.
It is important for me that the Facebook Connect login app plays nicely with #login_required, with the default auth system, and with django-registration.
Please share your experience :)
Update (11/26/2013): I'm updating my recommendation. Since a sufficient amount of time has passed since I wrote this answer, I would recommend python-social-auth or django-allauth as the best tools for the job. They are active projects with good documentation and support for a lot more than just Facebook. I've had success using both.
I have had the most luck with adapting django-socialregistration with django-registration (0.8). Since you're working with django-registration, you're going to have to do a little bit of work, since all three of those packages assume the role of both the creation and the authentication of the user.
I was just going to explain what needed to be done, but you inspired me to finally get my version out: hello-social-registration.
Like I alluded to, it separates gives the registration functions to a django-registration backend and handles all the authorization itself. I've been using this on my near-beta application for a while now with no problems (I also handed it to a friend to use a few months ago and he got it to work without much modification).
It's definitely not ready to be a plug-and-play reusable application, yet, but hopefully it'll provide you with some insight. :)
By far the most commonly used package for Facebook authentication in Django is Django Facebook:
https://github.com/tschellenbach/Django-facebook
It also gives you access to the facebook APIs using the included Open Facebook api client.
I wanted to implement a basic "Login using Facebook" functionality in my Django app. I didn't want to show the user a form to fill or have her choose a password. I preferred to make it seamless.
Based on my requirements, django_facebook_oauth was the best app for me. It simply allows the user to login using facebook, and gets the user info my Facebook app requests from her (based on my Facebook Auth Dialog). It creates a new user in Django with the user's facebook email, a username and a blank password.
I highly recommend it.
Hi Take a look at fbconnect app that we (actually, Hernani, a guy on our team) put together for osqa (a clone of CNPROG).
You will have to, probably, tinker a bit to adapt that to your needs. It does work with #login_required decorator and the standard django.contrib.auth system, but we do not use django-registration.
Our app also works with openid and password login, but the openid part is tightly coupled with the Q&A component at present.
We may separate it though some time in the future, if anyone might be interested in "anything-signin" django pluggable app or has something better already - pls let us know.
I've used django-allauth and django-facebook on two different projects.
django-allauth was great and provided very good support for logging in and creating user profiles. It could also work with other auth providers, which I didn't implement.
django-facebook worked out of the box, but it's only compatible with Facebook. It also provided simple APIs for fetching users' likes and friends from Facebook directly into the db, which I liked very much!
facebook.get_and_store_likes(user)
facebook.get_and_store_friends(user)
I played with .NET based libraries and found them to be frustratingly out of date. Facebook seems to change their APIs frequently, so if you cannot find a library that is routinely maintained, you will find that you will get halfway through your implementation before you realize that there are serious problems.
I had some success with the javascript API that Facebook publishes and maintains. While the documentation may not be always up to date, I found that I was always within striking distance of the correct implementation (one or two changes needed).