A simple Django app for basic “Log in via Upwork” functionality.
Simple oDesk (now Upwork) login for your Django-based project.
At current version it has inflexible and impossible to disable access control. It suits my own needs so far but I plan to improve on this, given demand.
Tested with Django 1.6.
Note: oDesk rebranded as Upwork. Version 0.2.0 of this library depends on python-upwork instead of python-odesk, and therefore works with new API endpoints. Further support and development, if any, will only be continued for new django-upwork-auth, which is in the works. (See issue #4.)
Provided you have installed django-odesk-auth and python-upwork==1.0.
Important: keep ODESK_OAUTH_KEY and ODESK_OAUTH_SECRET settings in a file that is not under version control.
Requirements: Vagrant, Ansible, and free 8000 port.
First, fill in some critical settings in example_project/settings.py (see comments in the file).
From example_project directory, bring up a VM using provided Vagrantfile and run Django development server on it:
$ vagrant up $ vagrant ssh vm$ cd /vagrant/example_project/ vm$ ./manage.py runserver 0.0.0.0:8000
On your host machine, navigate to 127.0.0.1:8000 and you should be able to test Upwork login functionality.
App has basic access control facilities.
You can specify who is allowed to log in to your site and who upon login gets staff and/or superuser statuses. This is configured through Django settings.
Currently access control cannot be turned off. You have to explicitly specify at least who is allowed to log in to your site. (Yes, this means you can’t grant access to everyone yet, unless you hack the app.)
Users that aren’t allowed to log in get User.is_active flag set to False. See utils.update_user_permissions() definition if you’re interested in other specifics, and see available settings below.
After user is successfully authenticated, you can call oDesk API on their behalf.
Here’s a quick example:
from django_odesk_auth import utils, O_ACCESS_TOKEN odesk_client = utils.get_client(request.session[O_ACCESS_TOKEN]) print odesk_client.hr.get_teams() # Should output list of teams user has access to
Sometimes there’s a need to make sure that current user’s authentication is still valid—that they, for example, didn’t revoke access to their account.
For that you can use utils.check_login() in Python, or make an AJAX request to named URL 'odesk_oauth_check_login' from client side (see views.oauth_check_login).