I added authorization through social networks to my site. How can I find out that the user used exactly this authorization?
In the process of authorizing a user through a social network, I need to change the verified value in the database table, as well as add his photo to this table.
Note: I didn't rewrite the default user model, but extended it by creating a ForeignKey in the Profile table. This table stores information about the user (phone number, gender, etc.)
Note2: I'm using social-auth-app-django
It seems to me that I should implement a separate View for authorization on social networks in order to catch all the data I need. But what should it look like? I am new to this matter.
Related
I am building a django application in which user will be able to sign up or sign in only via their EBay account, no email/username or password required. I couldn't find any authentication library for EBay though there are many for google, facebook, twitter etc.
So I got the EBay part working. EBay basically returns (on consent of user) Email and a IEFS token which is unique to that user and wont change. I want to use those two fields only to create a authenticate user across whole application. I don't want username, emails, firstname, lastname or password that ships with django User model. The documentation is quite big and I am confused where to start, any proper suggestion will be big help. Thank you.
Here is a bit of insight, the code is yours to make :
You can extend the user model from Django and decide which field to use, you could for example create a Ebay ID field Abstract User
Once this is done you want to add the ebay ID to an user, just create an account with email and ID, the user won't need any more info
Finally allow user to connect only by email, either by overriding custom login from Django or using a package like Django Allauth
Please note that unless your site is accessible only by Ebay users, allowing user to connect with email/password is recommended.
It is perfectly doable, just make good use of the documentation
I'm trying to build a Django website that will be maintained and used by university students mainly. I need to restrict access to a few pages for certain approved students, but it would be very unmaintainable if I needed to create a new Django user for every student that wants to log in. Luckily, the university provides an API to check whether a username/password combination is correct. So I had the idea to create an authentication model complementary to Django's model, where users' university account can get approved by an admin, after which it is a valid login to view certain pages.
So essentially, some users may use a Django account (if they're in charge for the content of the website), and other users may just log in to view some pages with their uni account. For the uni account, the minimum amount of info should be stored (in other words, only the username is really required to approve certain users).
I can't seem to figure out how to build such a system in Django. I cannot use the standard User object because it stores data that is completely redundant, and I cannot substitute the user model because that would only make things incredibly complex. It seems reasonable to forget the User model altogether, but Authenticate needs to return a valid user. This makes me wonder, can I create regular Django users with as little information filled in as possible (dummy data except for the username), and then authenticate them with the API? Probably, but that hardly seems like a good idea.
To authenticate users using the university API, all you need to do is to write an authentication backend. You can then create a local user for these uni users the first time they login, since there is only two required fields: username and password. You can use set_unusable_password() so check_password() for this user will never return True.
The Django admin system is tightly coupled to the Django User object
described at the beginning of this document. For now, the best way to
deal with this is to create a Django User object for each user that
exists for your backend (e.g., in your LDAP directory, your external
SQL database, etc.) You can either write a script to do this in
advance, or your authenticate method can do it the first time a user
logs in.
I am trying to build a django app with two types of users, public users that log in with facebook and enterprise users who log in with email/password. I currently am using allauth with a custom user model that lets public users log in with facebook but I am lost as to what approach I should take with creating this new enterprise user type.
There have been suggestions that I should subtype the custom user model such as in http://michalcodes4life.wordpress.com/2014/02/08/multiple-user-types-in-django-1-6/ however, this example does a poor job of showing how to integrate this with socialauth. How do I tell if the users logged in from the main page, which suggests I should make a public user, versus from the corporate log in, in which case I should make an enterprise user. How do I even specific two different reroutes depending on signup/login from different starting pages?
Other options like creating different UserProfile models seem to defeat the point of me making the custom user model to begin with. Also doesn't having a separate UserProfile model slow down DB searches? Also, I would still have to have two separate UserProfile types for public and enterprise users so I would still run into the same problem as with the first option so I might as well just subtype the custom users instead of adding to the mess with UserProfiles. Again, the problem of how to specify different redirects after signup and specify which type of user to create still exists.
The last option seems to be to use the admin system in Django for enterprise accounts. However, wouldn't this mean I would have to make the admin system UI presentable? Also, these enterprise accounts should not have access to the ability to edit users fields, so their permissions would be restricted to solely viewing public users on the site.
I have been asked to introduce an unusual case and I'm wondering how others would go about it.
I have users in my Django application. The model is a standard user model, authentication. etc. Each one of of these site users can add their own contacts to the system. However my new requirement is to allow their contacts to set a password (if they want to to) so that they can login to their status page (belonging to that user).
So my question is how would you do this? I already have the contact table (which belongs to one user), I'm thinking of adding in a password (optional) field, but then I'm unsure how to handle the authentication for this as they are not my users but members of my users (if that make sense).
One way would be to create another user model for contacts inheriting from AbstractBaseUser. And then creating custom auth backend that would look in both models to login user. Finaly you would have to distinguish between standard user and contact user before every action.
That is if contact user and standard user differ significantly in your application.
Or you could just create custom user in your application, that would contain is_contact attribute. This would be used for both types of users. You would set that as AUTH_USER_MODEL in settings and check before every action for the is_contact attribute to determine the outcome. You could return 403 for the contact user if he tries to access what he's not suppose to.
Or if you use permissions in your application, you could set the contact user's persmissions only to view statuses of the users that added him as a contact and nothing else.
I am currently using Oauth to allow a user to sign in through Foursquare, I then create a new session for this user. If the user is new to the system they are asked to sign in through Hunch, this can then generate a user profile based on information from both systems. I have them both signing in to each application separately, but how can I associate the user logged in with Foursquare to the one in Hunch.
My idea for it was to somehow create a reference to the session id in the user model, or use the session ID as a parameter for the hunch sign in but I'm not sure if this would be the best idea. Is there any other way in which I can create the association?
The easiest way to do this would be something like the following:
Send the user to foursquare to sign in
When the user returns, create a record in the datastore for them.
Send the user to Hunch to sign in, but include the ID of the record you created in step 2 in the continue URL.
When the user returns, use the ID embedded in the URL to add the user's Hunch info to their user record.
You can create a parent association so that SiteUser is the parent of FoursquareAuth and HunchAuth.
When the user first logs in with Foursquare you create the SiteUser model and then create the FoursquareAuth model with parent=just_created_user. Then when you send the user off to authenticate through hunch you include the user's id, or a session id in the callback parameter. When the callback happens you get the user's key and create HunchAuth with parent=previously_created_user.
The SiteUser model contains the combined information from both sources (name, location, last checkin, etc.). The *Auth models just contain whatever guaranteed unique identifiers are supplied by each provider (user_id, access_token, etc.).
This way, if you have the user object you can find either the Foursquare or the Hunch authentication data (using an ancestor filter), and you can find a user by loading any *Auth model and fetching its parent().
(note: I call the model SiteUser to not confuse it with the User object available in App Engine)