Django rest framework resources for social auth
Project description
OAuth signin with django rest framework.
Requirements
python (2.6, 2.7, 3.4)
django (1.6, 1.7, 1.8)
djangorestframework (3.1)
Release notes
Motivation
To have a resource that does one very simple thing: take the OAuth code from a social provider (for example, Facebook) and return the authenticated user. That’s it.
I can’t find such a util for Django REST framework. There are packages that take an access_token, not the code. Also, I’m used to working with the awesome library python-social-auth, so it will be nice to use it again. In fact, most of the work is done by this package. The current util brings a little help to integrate djangorestframework and python-social-auth.
Quick start
Install this package to your python distribution:
pip install rest-social-auth
Do the settings
Install apps
    INSTALLED_APPS = (
        ...
        'social.apps.django_app.default',  # python social auth
        'rest_framework',
        'rest_framework.authtoken',  # only if you use token authentication
        'rest_social_auth',
    )

python-social-auth settings (see its documentation for more details)

    SOCIAL_AUTH_FACEBOOK_KEY = 'your app client id'
    SOCIAL_AUTH_FACEBOOK_SECRET = 'your app client secret'
    SOCIAL_AUTH_FACEBOOK_SCOPE = ['email', ]  # optional
    SOCIAL_AUTH_FACEBOOK_PROFILE_EXTRA_PARAMS = {'locale': 'ru_RU'}  # optional

    AUTHENTICATION_BACKENDS = (
        'social.backends.facebook.FacebookOAuth2',
        # and maybe some others ...
        'django.contrib.auth.backends.ModelBackend',
    )

Also see the optional settings available.
Include rest social urls
url(r'^api/login/', include('rest_social_auth.urls_session')),
url(r'^api/login/', include('rest_social_auth.urls_token')),
You are ready to login users.
3.1 session authentication
POST /api/login/social/session/
input:
    {
        "provider": "facebook",
        "code": "AQBPBBTjbdnehj51"
    }
output:
    {
        "username": "Alex",
        "email": "user@email.com",
        // other user data
    }

    + session id in cookies
3.2 token authentication
POST /api/login/social/token/
input:
    {
        "provider": "facebook",
        "code": "AQBPBBTjbdnehj51"
    }
output:
{ "token": "68ded41d89f6a28da050f882998b2ea1decebbe0" }
POST /api/login/social/token_user/
input:
    {
        "provider": "facebook",
        "code": "AQBPBBTjbdnehj51"
    }
output:
    {
        "username": "Alex",
        "email": "user@email.com",
        // other user data
        "token": "68ded41d89f6a28da050f882998b2ea1decebbe0"
    }

User model is taken from settings.AUTH_USER_MODEL (https://docs.djangoproject.com/en/dev/topics/auth/customizing/#substituting-a-custom-user-model).
List of oauth providers
Currently only OAuth 2.0 providers are supported. See python-social-auth for the full list. The provider name is taken from the backend.name property of the corresponding backend class in python-social-auth.
For example, for the Facebook backend we see:

    class FacebookOAuth2(BaseOAuth2):
        name = 'facebook'
Here are some provider names:
Provider | provider name
---|---
Google | google-oauth2
Vkontakte | vk-oauth2
Github | github
Yandex | yandex-oauth2
Settings
REST_SOCIAL_OAUTH_REDIRECT_URI
Defines redirect_uri. This redirect must be the same in both the authorize request (made by the front-end) and the access token request (made by the back-end) to the OAuth provider.
The default is the root relative path:
'/'
To override the relative path (a url path and a url name are both supported):

    REST_SOCIAL_OAUTH_REDIRECT_URI = '/oauth/redirect/path/'
    # or url name
    REST_SOCIAL_OAUTH_REDIRECT_URI = 'redirect_url_name'
REST_SOCIAL_OAUTH_ABSOLUTE_REDIRECT_URI
Sometimes a project’s front-end and back-end run on different domains, for example the front-end at ‘myproject.com’ and the back-end at ‘api.myproject.com’. To handle this, it is possible to define an absolute redirect_uri:
REST_SOCIAL_OAUTH_ABSOLUTE_REDIRECT_URI = 'http://myproject.com/'
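The redirect_uri requirement above, worked through for the split-domain case. This is an added example, not code from rest-social-auth: the authorize endpoint, client id and secret are constructed placeholders, the helper names are hypothetical, and it assumes a relative path is resolved against the host that serves the request (url names are not handled).

```python
from urllib.parse import parse_qs, urlencode, urljoin, urlsplit

# Constructed placeholders, not real endpoints or credentials.
AUTHORIZE_ENDPOINT = "https://provider.example/oauth/authorize"
FRONTEND_ORIGIN = "http://myproject.com/"
BACKEND_ORIGIN = "http://api.myproject.com/"


def resolve_redirect_uri(serving_origin, relative="/", absolute=None):
    """Absolute setting wins; otherwise join the relative path to the
    origin serving the request (assumed resolution rule)."""
    return absolute if absolute else urljoin(serving_origin, relative)


def build_authorize_url(client_id, redirect_uri, scope=("email",)):
    """URL the front-end sends the browser to (authorize request)."""
    query = urlencode({
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "response_type": "code",
        "scope": " ".join(scope),
    })
    return AUTHORIZE_ENDPOINT + "?" + query


def build_token_params(code, client_id, client_secret, redirect_uri):
    """Form fields the back-end posts to exchange the code (token request)."""
    return {
        "grant_type": "authorization_code",
        "code": code,
        "client_id": client_id,
        "client_secret": client_secret,
        "redirect_uri": redirect_uri,
    }


def redirect_uris_match(authorize_url, token_params):
    """True only if both legs carry the identical redirect_uri string."""
    sent = parse_qs(urlsplit(authorize_url).query).get("redirect_uri", [None])[0]
    return sent is not None and sent == token_params["redirect_uri"]


def check_flow(absolute_setting=None):
    """Front-end redirects to its own origin; back-end resolves per settings."""
    url = build_authorize_url("client-id-placeholder", FRONTEND_ORIGIN)
    backend_uri = resolve_redirect_uri(BACKEND_ORIGIN, "/", absolute_setting)
    params = build_token_params("AQBPBBTjbdnehj51", "client-id-placeholder",
                                "secret-placeholder", backend_uri)
    return redirect_uris_match(url, params)
```

With only the default relative path the two legs disagree (check_flow() is False) and the provider would refuse the code exchange; passing 'http://myproject.com/' as the absolute setting makes them identical.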
Customization
First of all, all customization available in python-social-auth is also available here. For example, use the nice concept of a pipeline to do any action you need during login/signin.
Second, you can override any method from the current package. You can specify a serializer for each view by subclassing the view.
To do it
define your own url:
url(r'^api/login/social/$', MySocialView.as_view(), name='social_login'),
define your serializer
    from rest_framework import serializers
    from django.contrib.auth import get_user_model

    class MyUserSerializer(serializers.ModelSerializer):

        class Meta:
            model = get_user_model()
            exclude = ('password', 'user_permissions', 'groups')
define view
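    from rest_social_auth.views import BaseSocialAuthView

    class MySocialView(BaseSocialAuthView):
        # Named to match the view referenced in the url pattern above.
        serializer_class_out = MyUserSerializer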
Example
Check out the example project.
download it
git clone https://github.com/st4lk/django-rest-social-auth.git
step in example_project/
cd django-rest-social-auth/example_project
create database (sqlite3)
python manage.py syncdb
run development server
python manage.py runserver
The example project already contains a Facebook app id and secret. This app is configured to work only with the restsocialexample.com domain. So, to play with it, define this domain as localhost in your hosts file:
127.0.0.1 restsocialexample.com
And visit http://restsocialexample.com:8000/
Hashes for rest_social_auth-0.1.0-py2.py3-none-any.whl
Algorithm | Hash digest
---|---
SHA256 | 54f3562e7cd259512c9685c747c8068f55d5e1860e272a39968c5889c1d0d8ce
MD5 | ed8de422b6d7e579f648253b3bdb638a
BLAKE2b-256 | 9066bca2d89b3daf4493bffa17317dba6f3b9c1242e86ed102755dd7d38e2522