django-allauth and twitter integration - Social Network Login Failure - django

I am trying to work with django-allauth. I followed the instructions on the GitHub page and did the following:
Added allauth urls into urls.py
urlpatterns += patterns ('',
url('^accounts/', include('allauth.urls')),
url('^accounts/profile/$', ProfileView.as_view(), name='ProfileView'),
url('^login/$', login, name='account_login'),
url('^logout/$', logout, name='account_logout'),
url('^login/cancelled/$', login_cancelled, name='socialaccount_login_cancelled'),
url('^login/error/$', login_error, name='socialaccount_login_error'),
)
Updated TEMPLATE_CONTEXT_DIRS, TEMPLATE_CONTEXT_PROCESSORS, AUTHENTICATION_BACKENDS and INSTALLED_APPS. Also added ACCOUNT_AUTHENTICATION_METHOD = "username_email"
Added Key and Secret for twitter in the Social apps table.
Copied django-allauth templates to my app's directory and modified it. I can see all the templates working fine like /accounts/signup/ and /accounts/social/connections/.
Now, from connections or signup, when I click the Twitter link /accounts/twitter/login/ I end up with the following error:
Social Network Login Failure
An error occured while attempting to login via your social network
account.
Am I missing something? Maybe some stupid mistake (Twitter login URL? No clues!). I also tried to find some tutorials based on the latest codebase but was unable to find any. The django-allauth example on GitHub wasn't of any help. Please help. Also, please feel free to provide me with any links or tutorials based on the latest codebase.
Thanks in advance.

I am a beginner so you can expect some stupid mistakes from people like me but I try to learn. I spent many hours trying to resolve this. Finally the issue turns out to be Twitter App Key Settings:
I get "Social Network Login Failure" error because my Twitter App settings are not configured for the localhost. Make sure you have the following settings configured in your Twitter App for your localhost (development machine):
Callback URL: http://127.0.0.1:8000/
NOTE: If you want to use it for production server then you need to set Callback to your domain name as follows:
Callback URL: http://Your_Domain_Name.com
OR better use another set of Keys specifically for production use only.
BONUS : If you are using django-social-auth and you don't have these settings configured then you may end up with 401 Unauthorized error.

Related

GitHub App - User Authentication/Authorization through GitHub APIs

I am new to GitHub Apps. I have used GitHub OAuth before, but finding it a bit difficult to understand the user authentication and authorization for GitHub Apps. My use case is as follows -
A user will visit my website, login with their GitHub credentials and at that time the user needs to accept the permission I seek from their profile (ex. Repository, PRs, etc.) and display those repositories and PR on my website and perform some actions on them.
I have primarily 1 question at a high level.
The API endpoints and what all keys are needed to authenticate and authorize a user so
as to get all the requested items like repositories etc. and more importantly the next
time the user logs in he should not need to accept the permission to access his
repositories. (Similar to this codefactor site)
I would like to have an architecture level solution if not a code example. I am using Python (Django) to build my project but code examples in other languages are also welcomed.
OP can use the module Django Social Auth. Their docs have an entire section dedicated to GitHub. They will handle all of that process for one.
Essentially, here's what one has to do
1 Install the module
pip install social-auth-app-django
2 Add it to your settings.py the variable INSTALLED_APPS as
INSTALLED_APPS = [
...
'social_django',
...
]
3 Sync the database
python manage.py migrate
4 Add GitHub authentication backends to Django’s AUTHENTICATION_BACKENDS setting
AUTHENTICATION_BACKENDS = [
...
'social_core.backends.github.GithubOAuth2',
...
]
5 Add URL entries
urlpatterns = patterns('',
...
url('', include('social_django.urls', namespace='social'))
...
)
6 Register a new application at GitHub Developers, set the callback URL to http://example.com/complete/github/ replacing example.com with one's domain (could even be http://localhost:8000/complete/github/ if testing locally). This will generate a Client Key and a Client Secret.
7 Add these values of Client ID and Client Secret from GitHub in your project settings file.
SOCIAL_AUTH_GITHUB_KEY = 'a1b2c3d4'
SOCIAL_AUTH_GITHUB_SECRET = 'e5f6g7h8i9'
8 One is now able to use in one's template, like
Sign in with GitHub
Clicking on that link will then redirect one to the page to accept permissions, just like Codefactor.
Apart from the docs, there are some good articles out there that one can also use for reference, such as How to Add Social Login to Django by Vitor Freitas.

Using a django app as a central authentication system to other django apps

(I am relatively new to Django, so sorry if I was misunderstanding anything ^^")
So let's say I have app1 and app2, and I want to implement the same groups, roles and permissions across these two apps by having only one database.
My idea was to create a central back-end server that the two apps authenticate through and grab the roles from. Essentially this can be used for SSO (single sign-on) later, but for now the target is to authenticate the user logging in through one app and get his roles and groups from there.
In the Django documentation I found "Authentication using REMOTE_USER",
which should allow me to do remote authentication (which is my target). I was able to make it run, but how am I supposed to give it the link to the Django authentication server?
My understanding is that after setting up this remote user authentication, all groups, roles and permission checks don't need to be changed, since Django should have access to the remote server that it authenticates through.
I hope that I wasn't misunderstanding the "Authentication using REMOTE_USER" concept.
Also, if there are any other ideas on how to implement this, please let me know.
Thank you !
Sounds like REMOTE_USER is NOT what you're expecting it to be: when Django is configured to use this functionality, it foregoes Django's typical security, because it expects a web server situated in front of Django (e.g. APACHE or NGINX) to do user authorization on its behalf. In a nutshell, the web server passes along the user's id in every request it sends to Django in the REMOTE_USER header.
Your expectations, on the other hand, seem directed at configuring a common Django app to authorize and authenticate users for other apps. This is a common configuration, and is effected by several steps, including these three:
(1) Adding to the common app's settings.py the other apps in the INSTALLED_APPS list. For example:
INSTALLED_APPS = [
...
'app1',
'app2',
]
(2) Include the apps URLconf in common api urls.py, for example:
path('app1/', include('app1.urls')),
path('polls/', include('app2.urls')),
(3) Run python manage.py migrate in order to create the database tables for two apps.
You'll probably have to fuss with your urls in the common app more than what I've sketched out above; and you might add a middleware to prevent unauthorized requests any access until authenticated.
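The trust boundary behind REMOTE_USER-style authentication, as an added example that is not part of the original posts or of Django: a WSGI server stores client headers under `HTTP_*` keys and only the server itself sets the un-prefixed `REMOTE_USER` variable, so an identity header is only as trustworthy as the proxy that overwrites it. `TRUSTED_PROXIES`, `IDENTITY_KEYS` and all function and class names are hypothetical, and the addresses are constructed samples.

```python
TRUSTED_PROXIES = {"127.0.0.1"}  # assumption: address of the front-end web server
IDENTITY_KEYS = {"HTTP_REMOTE_USER", "HTTP_X_AUTH_USER"}  # hypothetical header names


def wsgi_key(header_name):
    """CGI/WSGI naming rule: 'X-Auth-User' becomes 'HTTP_X_AUTH_USER'."""
    return "HTTP_" + header_name.upper().replace("-", "_")


def build_environ(peer_ip, headers, server_vars=None):
    """Constructed stand-in for the environ a WSGI server hands to Django."""
    environ = {"REMOTE_ADDR": peer_ip}
    for name, value in headers.items():
        environ[wsgi_key(name)] = value   # client input always gets the HTTP_ prefix
    environ.update(server_vars or {})     # e.g. REMOTE_USER, set after server-side auth
    return environ


class StripIdentityHeaders:
    """WSGI middleware: drop identity headers unless the peer is a trusted proxy."""

    def __init__(self, app, trusted=TRUSTED_PROXIES):
        self.app, self.trusted = app, trusted

    def __call__(self, environ, start_response):
        if environ.get("REMOTE_ADDR") not in self.trusted:
            for key in IDENTITY_KEYS.intersection(environ):
                del environ[key]
        return self.app(environ, start_response)


def authenticated_user(environ, key="REMOTE_USER"):
    """The value a REMOTE_USER-style backend would treat as the logged-in user."""
    return environ.get(key)


if __name__ == "__main__":
    # A client-sent "Remote-User" header never becomes the REMOTE_USER variable.
    env = build_environ("203.0.113.9", {"Remote-User": "admin"})
    print(authenticated_user(env), sorted(env))
    # Dash and underscore spellings collapse to the same key.
    print(wsgi_key("X-Auth-User") == wsgi_key("X-Auth_User"))
```

If a custom `HTTP_*` key is used as the identity source, the front-end server must overwrite both the dash and the underscore spelling of the header on every request.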

Django inserts wrong domain to activation email, facebook auth and filebrowser

I've set up a Django project on a nginx server. But..
Django detects request.get_host() in signup and activation views as localhost and sends email (for activation and password reset) with links like http://localhost/....
I've set up Facebook authorization via social-auth-app-django. But Facebook tries to open redirect_uri in localhost
(...redirect_uri=http:localhost/oauth/complete/facebook...)
Inside django admin TinyMCE editor Filebrowser also refers to localhost..
How to fix these problems? Or it seems one solution can fix all of them.
Thank you for your time and help.
Did you try changing your Site.domain and Site.name in the admin panel or via the shell?
from django.contrib.sites.models import Site
https://docs.djangoproject.com/en/2.1/ref/contrib/sites/
It's used in many cases such as emails by default.

django-allauth socialaccount not logging in?

I've recently switched server/database and am having trouble getting the google and facebook social apps to log in. I have the keys set up correctly and when hitting both facebook and google it successfully creates a django user and a social account, but it does not log the user in. Notably, it sends the user to LOGIN_REDIRECT_URL correctly.
When attempting to sign in with an existing user after it has already been created, it also does not log in, but also sends to LOGIN_REDIRECT_URL correctly.
I can't figure out why it is behaving this way in the new environment, and am struggling on finding where to look. My best guess is that somewhere the pre_social_login signal or the social_account_added signal? Any ideas?
EDIT:
Also worth noting, I switched from python 3.4 to python 2.7, but django remained 1.6.5
Turned out I was missing the allauth.account.auth_backends.AuthenticationBackend in the settings AUTHENTICATION_BACKENDS when I did the migrate.

No Facebook login screen in django social auth

I am trying to build a small page using django which uses a facebook login, and I am using the django-social-auth package from agiliq: https://github.com/agiliq/Django-Socialauth and trying to follow the documentation.
However, I am not able to see/test the login from facebook.
The settings.py and urls.py can be found here: http://dpaste.com/685141/
When I go to: 127.0.0.1:8000/login/facebook I get the following error from facebook:
f Error:
An error occurred. Please try later
where, f is the facebook sprite.
As I understand, I think I need to specify the redirect url (?) but I am not entirely sure how to go about doing this.
Don't confuse django-socialauth with django-social-auth; they try to solve the same thing but in quite different ways.
Well, first of all, I don't see the SOCIAL_AUTH_ENABLED_BACKENDS setting;
mine is like this:
SOCIAL_AUTH_ENABLED_BACKENDS = ('twitter','facebook','google')
Also be advised that facebook will never return an ok state for a remote url that does not match the domain name you said you had in your app.
So localhost != domain name is not cool to them.
Also, I'd advise you to take down your dpaste, because your keys, email and root password are exposed.
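Several threads on this page (the Twitter callback registered for 127.0.0.1, the Facebook redirect_uri pointing at localhost, and the domain mismatch noted just above) come down to comparing the callback registered with the provider against the redirect_uri the Django app actually sends. The check below is an added example, not code from any of the posts or from allauth or social-auth; it compares scheme, host and port only, which is an assumption about the provider's matching rule, and every URL in it is a constructed sample.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


def _origin(url):
    """Return (scheme, host, port); raise ValueError for a malformed URL."""
    parts = urlsplit(url)
    if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
        # "http:localhost/..." has a scheme but no "//host" part
        raise ValueError("not an absolute http(s) URL: %r" % url)
    return parts.scheme, parts.hostname.lower(), parts.port or DEFAULT_PORTS[parts.scheme]


def check_callback(registered, redirect_uri):
    """List the differences between the callback registered with the provider
    and the redirect_uri the app generates; an empty list means they agree."""
    try:
        reg = _origin(registered)
    except ValueError as exc:
        return ["registered callback: %s" % exc]
    try:
        sent = _origin(redirect_uri)
    except ValueError as exc:
        return ["redirect_uri: %s" % exc]
    problems = []
    for name, want, got in zip(("scheme", "host", "port"), reg, sent):
        if want != got:
            problems.append("%s mismatch: registered %r, app sends %r" % (name, want, got))
    return problems


if __name__ == "__main__":
    # Constructed samples modelled on the situations described in the threads.
    samples = [
        ("http://127.0.0.1:8000/", "http://127.0.0.1:8000/accounts/twitter/login/callback/"),
        ("http://127.0.0.1:8000/", "http://localhost:8000/accounts/twitter/login/callback/"),
        ("https://example.com/", "http:localhost/oauth/complete/facebook"),
    ]
    for registered, sent in samples:
        print(registered, "->", check_callback(registered, sent) or "ok")
```

Note that `127.0.0.1` and `localhost` count as different hosts here, so the development URL typed into the browser has to use the same spelling as the registered callback.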