I'm looking at building a django app specifically designed for G-Suite domains. It requires users to be logged in to G-Suite, and would get permissions from groups in G-Suite. I know I could achieve this using django-allauth or similar, but that would involve the django app duplicating the user information in it's own database. In the interests of preventing unnecessary replication, is it feasible to have django directly use Google APIs to handle user logins, but still program the rest of the app in a django kind of a way? Are there any libraries that implement this? If not in django, are there other (python) frameworks that can do this?
Related
This may be an opinionated question but sorry I am too curious.
I learned to develop Django Model-View-Template websites ( multi page websites) and Django Rest Framework.
From the same Django Model can I create Rest API's and MVC templates together ?
I wanted to develop a Blog website that use session authentication and based on MVC architecture. The same server should create API's because the Mobile app for the Blog may consume the API's and use Token Authentication (using Djoser).
If I use same User model for session and token authentication, Can mobile blog app users use their username and password to access website version ?
Django REST Framework is just a collection of helpers to easily create HTTP endpoints that conform to REST behaviour, which mostly means conventions around GET, POST, PUT and DELETE. You could code all this behaviour by hand using default Django, DRF just makes it a lot easier. The end result are simply specific routes which accept input and return output in specific formats to/from models.
Of course you can use that in addition to normal Django Views. It's just a different interface to your models and other business logic. Authentication can be the same, but typically you use some sort of token authentication for the API; that ultimately depends on how the API is supposed to be used exactly.
I'm building an app with a Django backend, Angular frontend, and a REST API using Django REST Framework for Angular to consume. When I was still working out backend stuff with a vanilla frontend, I used the provided Django authentication to handle user auth- but now that I'm creating a REST based app, I'm not sure how to approach authentication.
Since all user data will be either retrieved or submitted via the API, should API authentication be enough? If so, do I need to remove the existing Django authentication middleware?
Right now, when I try to hit API endpoints on an early version of the app, I'm directed to what looks like the normal Django login form. If I enter a valid username and password, it doesn't work- just prompts to login again. Would removing the basic Django authentication prevent this? I want to be prompted to login, however I'm not sure how to handle that with these technologies.
The package django-rest-auth seems useful, and the same group makes an Angular module- but the docs don't go much past installation and the provided endpoints. Ultimately, I think the core of this question is: how do I entirely switch authentication away from what's provided by Django to something like django-rest-auth or one of the other 3rd party packages recommended by DRF?
edit: I made this comment below, but I realized that I need to figure out how combined auth will work. I'm not building a single page app, so individual basic pages will be served from Django, but each page will hit various API endpoints to retrieve the data it needs. Is there a way to have something like django-rest-auth handle all authentication?
To anyone that stumbles onto this question, I couldn't figure out how to make the hybrid approach work. Having Django serve pages that each contained API calls seemed OK, but I never saw any requests made to the API- I believe due to some other security issues. I'm sure it's possible, but I decided to go for the single page app implementation after all to make things simpler.
I am new in Django so I have a question for start working with it. Now I am writing my apps in PHP and Yii2. In Yii, I have to separate apps (frontend and backend) with two auth mechanism. But I want go to Python with Django I know that is admin site but I dont know how to clone functionality like Yii2. I need two different pages for login users (admin and normal users) and 2 panels for them.
Should I use two difference instances of admin site or write it manually?
You don't need to have two different instances. Since the admin pages (backend) are shipped with django out of the box, you can just start building the frontend. Be sure to register your sites to the admin pages for the models you are using.
I recommend going through the great django documentation:
Django Documentation
The django-admin is pretty straightforward and works great out of the box. You are somehow limited in terms of customization though. It depends on what your goals are an how much functionality your administration needs.
More infos here.
I am making a web applicaion in python with flask framework in which different types of users are there like admin, editior, normal user etc. So the application access is different for each. How to implement this?. After login application need to redirect to user related views . Please help to make this in a better way
There is a Flask extension Flask-RBAC which does exactly what you need:
Flask-RBAC provides a Role-based Access Control module in Flask
applications. It can help you to control different role of users to
access your website.
I've read about a lot of different apps for django for integrating social authentication to django projects. But, I'm having some trouble understanding how this integration works
Does it extends the default USER models? Where do I find those kind of information in the applications?
I basically need a user system that has groups (for permission purposes). The user would be able to register using a common registration proccess or facebook. Will I be able to achieve that with any kind of application?
Thanks in advance.
There is an app called django-allauth. If you read their official documentation, it is pretty easy to follow. As per their instructions, you install the core app, and any other authentication you need (like facebook, oauth which google uses). Then, you have to go to facebook, get developers key, and add it to your django admin.
Basically, when somebody tries to login using facebook, the signin process sends the keys to facebook, and check if the user exists. If it does, then the authentication app creates user on the backend, just like a normal signin process. You can get javascript from facebook to make a login window.