I have been trying to use django-allauth to provide Social registration, but I am having trouble configuring the profiles for the user. There is no documentation of django-allauth which tells
how a django user account is created when a user logs in via a third party such as facebook
What username is assigned to that user and what password is used.
Certain third party providers such as Facebook provide a lot of information about the user such as their name, email etc. so how can we get them and save in the user account/profile
If anybody has used allauth in their projects and can provide some details then it would be really helpful.
I am using django_allauth in my project.
(1) How a django user account is created when a user logs in via a third party such as facebook ?
You should take a look at :
your admin panel and see what happens when somebody logs in.
allauth.facebook.views.login and try to track the login process
It is something like this (in a few words):
When a user logs in your site via his Facebook credentials he is given an access token
This token is saved in the FACEBOOK_ACCESS_TOKENS table (you can see it in the admin panel)
With this access token and with the help of Facebook GraphApi we know his social_id
When we know his social_id - we can have his Facebook account from our database
If we haven't saved it in the db already - we save the Facebook account in the FACEBOOK_ACCOUNTS table (Facebook Accounts in the admin panel)
Then we create a user in the USERS table with the data present in the Facebook account. (you can see the new user in the Users section in the admin panel)
(2) What username is assigned to that user and what password is used ?
As I mentioned before with the help of Facebook GraphApi we get the username of the Facebook user and it is assigned to the User profile as User.username
(3) Certain third party providers such as Facebook provide a lot of information about the user such as their name, email etc. so how can we get them and save in the user account/profile?
Again - the Facebook GraphApi - it gets you the info you need.
I have integrated django_allauth in my site and it is working properly. I will be happy to answer(if I can) if you have more questions.
EDIT - For the avatar support...
I think you have to take a look at the django_allauth settings and particularly in:
SOCIALACCOUNT_AVATAR_SUPPORT (= 'avatar' in settings.INSTALLED_APPS)
Enable support for django-avatar. When enabled, the profile image of
the user is copied locally into django-avatar at signup.
Related
As the title suggests, how can I create a limit list of users in django social login, so that only authorized users are able to login with their social account?
For example, a user with certain gmail account can login, but others cannot login using unauthorized gmail accounts. Right now, if I use allauth, all users who have gmail account can login to my django site, but that's not what I expect. Thanks!
If you mean that only emails with existing accounts in your site can login using django-social-auth, then you can update the pipeline of your login. You can find the documentation here: https://python-social-auth.readthedocs.io/en/latest/pipeline.html.
If you disable the social_core.pipeline.user.create_user step of the pipeline, then the social login will only allow login to users which already existed in the site.
I'm using Django social auth to log users in using Facebook, Twitter, etc as described, for example here.
Scenario:
A user is logged onto my platform using my native login system. I want them to validate that they own a particular Twitter account without redirecting them to a view where request.user is a new UserSocialAuth associated with their Twitter account. I want to show the user the Twitter login page but, after they provided their credentials, keep them logged in as they were rather than log them in as a different user.
can add more accessible details for your social users indicated here:
https://python-social-auth.readthedocs.io/en/latest/configuration/django.html#database
I integrated django-rest-auth and django-allauth for user registration/login using Facebook.
Now, I can authenticate (and I can create) the Facebook user and I can retrieve some basic informations like e-mail, first name, last name...
Now I need also to retrieve some profile images (last 3 user profile images) about the user at registration of it in my platform.
I'm confused because I can't use allauth to take also these informations from Facebook so, probably, I need to take it directly using Facebook GraphAPI (is correct this my solution?)
Is a good solution the integration of django_facebook?
The photo can be retrieved directly with the user UID and this URL:
http://graph.facebook.com/UID/picture?width=40&height=40
In function:
fb_uid = SocialAccount.objects.filter(user_id=self.user.id, provider='facebook')
if len(fb_uid):
return "http://graph.facebook.com/{}/picture?width=40&height=40".format(fb_uid[0].uid)
I'm not entire sure, but I think you will get access to the user's photos when you add "user_photos" to scope list in facebook configuration. Did you try it?
Here is a link to django allauth documentation: http://django-allauth.readthedocs.org/en/latest/providers.html#facebook
I am working on a django app. What i want to do is that in my app i want to allow people to add their facebook, twitter and google+ profile links but after only getting authenticated to these. I want my website should recognize a user if it gets login from facebook or twitter or g+ and redirects it to the user page with which these social media profile links are attached. I am trying it to do using python requests package. But i am not getting a way how can i do it. Should i get a oauth token from the site to store or should store the profile link of the user. I have implemented the social authentication mecanism using python-social-auth
Please suggest me.
A small example will be appreciated
Sounds to me like you want to extend the pipeline with a function to redirect users. You can use Social User to get at the auth used to log in.
I'm trying to figure out the best way to pull in a social email when a user signs up through a social account (I'm using Facebook and Google). Ideally it would be great if the email pulled into the User instance when the user signed up, similar to how first name and last name are pulled in. Is it possible for django-allauth do that?
The other option that I would do next is to use the Facebook/Google APIs to get the email from the user since the id is stored in user.extra_data
Anyone know if django-allauth can pull in social emails, or have any other ideas on how to bring in the social email?
Check out the SOCIALACCOUNT_EMAIL_REQUIRED setting. Setting that to True, along with requesting the relevant permission from the social provider (e.g. email for Facebook), should work.