I have a Django installation with userena and django_facebook working pretty fine. Can I somewhat make my authentication work from another database (one database for authentication and another for everything else)? The problem is that the project I'm working on requires the same authentication across different Django installations on servers with one entire server for the databases. Should I make a database router that handles all the apps or is there a better solution?
Authentication backends are what you are looking for. Django documentation: https://docs.djangoproject.com/en/dev/topics/auth/#other-authentication-sources
Simple database routers solved the problem with regular Django authentication and Userena authentication. I'm guessing it will be the same with Facebook as they are chained together. The only downfall is that the user for the admin panel is the same across all sites.
Related
Well, this question is for the ones who has experience in working with Django.
I'm new to Django and I have been studying Django, still I want to build an webapi with Django as backend and frontend, with a token authentication. Is that possible, and logical? I have been watching tutorial and reading documentation. Everyone who creates an api full django, creates a basic authentication. And, I want to know if is possible to create a more secure authentication with django as frontend. Thank you.
Generally speaking: yes, you can do that - but not with django alone. Also don't know every possible solution, but you can do this with the Django REST framework.
Here are some links to the documentation:
Django REST framework - Homepage
Django REST framework - TokenAuthentication
I personally use JSON Web Tokens in combination with Django and Django REST framework:
Simple JWT
I am building a Django application and I need to connect to an existing external Laravel site to authenticate users. Basically to have two different platforms, but users only have one set of credentials. Also - users should be able to sign up on the Django, and their user is created in the Laravel DB.
The Laravel site has Laravel Passport (OAuth2 based) installed because it uses it for a Flutter app.
I know that REMOTE_USER is "the Django way" of achieving external auth but, I don't know where to go from there. If it makes a difference, the Django app will be a full REST application using DRF because its frontend will be ReactJS.
Can anyone explain how to achieve external auth with Django, particularly when the authentication server is OAuth2 based? Or better yet, how it can work with Laravel Passport in particular.
Thanks
I have to use Angular 2+ for front-end and Django as back-end, in my project.
Usually Django provides the '/admin' URL through which we can access the admin portal to do all the site-administration stuffs. But to use Angular 2+ as front-end we need to convert the whole back-end (Django) into REST API, which is actually recommended.
In this case how can we use the Django Admin URL or its utilities from Angular URLs? Or else whether I have to replicate Django Admin in Angular 2.
It will be a great help if someone can give me some ideas on this.
You seem to have a misunderstanding of how the various technologies you are developing in actually coexist.
Django is the server-side framework.
DRF (Django REST Framework) is
used in addition to Django, to make it easier to implement a
RESTful API on top of your Django project. Django REST Framework does
not replace Django. Django REST Framework is an addition to
Django.
AngularJS is a JavaScript framework that can be used in your project (or just parts of your project).
Using Django REST Framework does not suddenly mean that the Django admin interface will 'stop working'.
If your project's URL routing ('urls.py') still contains a route connecting the Django admin interface with /admin you can still go to yourproject.com/admin and it will completely circumvent anything you've done with AngularJS.
It may be late to reply, but Angular and DRF connects over http call.
I am struggling to set up for authentication with apache and mod wsgi in Django.
I have a big question mark. It is fundamental question for me before beginning to use basic or digest authentication in apache really.
Why do you need basic or digest authentication in Django in the first place? Django has own authentication system. You can manage permissions with user and permission itself in Django.
I think there is a clear case that you need this apache authentication. I don't think people put effort to explains how to set up for using apache authentication with mod wsgi in Django manual if you don't need it at all.
In Django manual,
for example, you could:
1.Serve static/media files directly from Apache only to authenticated users.
2.Authenticate access to a Subversion repository against Django users with a certain permission.
3.Allow certain users to connect to a WebDAV share created with mod_dav.
Even after reading this setence and manual repeatly, I can't come up with some situation which need to select using apache authentication for the best option.
why do you need to use apache authentication in Django or in Which special situation do you need it?
Both apache and django authentication are different. First one is web server level and next is application level.
One thing, there will be some urls accessible both login and without login.This type of auth cannot be set in apache(from my knowledge).You can do it in inside django.
I have a Django web app that I would like to use in a single-sign-on solution for a number of remote apps that use Apache authentication.
I can see how to authenticate Apache from a local Django instance and an old Apache module for doing basic queries off postgresql (but without the syntax support to phrase queries with joins to check Django group permissions)
Any suggestions?
I would like to avoid having to switch to using a directory service in the short term (e.g. ActiveDirectory, LDAP) if possible.
.M.
EDIT: Also found mod_auth_external
The following should work for you.
http://www.openfusion.com.au/labs/mod_auth_tkt/
You can use the apache module to hit a specific view in your Django app to generate a ticket for valid users. Then all the other applications can do basic authentication against Django via a URL.
This gives you SSO using the Django user database for legacy apps using HTTP basic authentication.