I'm using Django-Allauth, but when I upload my project in the server and click on the button to login via Google or Facebook, I redirect to http://127.0.0.1:8001/accounts/google/login/callback/?state=*****
instead of http://example.com/accounts/google/login/callback/?state=*****
I am newbie, so please help me in-depth step by step.
In django admin, update your Site object's domain to your server's ip or your domain name.
Related
I am using django to create a web app and add facebook login in the homepage. But whenever I run click on the facebook login link, I get the following error. Can anyone tell me where the error is and how I can fix it ?
Go to facebook developers.
Select your app.
On the left menu choodse Facebook login -> Settings.
In the "Valid OAuth redirect URI's" enter the proper URL.
It your site is https://example.com and you registerd all_auth app url's under /accounts the default callback URL should look like this:
https://example.com/accounts/facebook/login/callback/
I am developing a native frontend application which communicates with a backend rest api built using python django rest framework.
The rest framework uses django rest framework token authentication in which every user has an authorization token and the token will have to be attached to the header of every http request to the rest api in the form of “Authorization: Token ”.
My application provides the user with two main ways to login. The first one is to register an account with username and password. This will create a django User model object and a token will be generated. This login method works well.
The second login method is to login with the user's social account. My idea is whenever an user login with their facebook account, the app will be redirected to my website which will then redirect the user to the social media of their choice. After authorizing the social media api will redirect them to my website again which a user and a token will be created. Then my website will redirect back to my native app using a custom uri with the token attached in the uri like this:
myapp://authenticate#token=xhskscjndjnccjdsdc
The native app will then parse the uri and obtain the token.
The part that I am worried about is security. This method works but attaching a token in an uri seems a bit insecure to me. Is there any best practice that I can follow? Thanks!
I can propose you to use django-rest-auth for dealing with Authentification and Registration.
With that package/library you can use Social Authentication through Facebook, Twitter, Google or other provider.
I'm having trouble associating Soundcloud accounts to user accounts on my app.
The app is built on django using python-social-auth, and I also have a Facebook association, which is working perfectly.
When I click on the soundcloud button, it redirects me to
http://local.gl.com:8080/?error=redirect_uri_mismatch&error_description=The+redirection+URI+provided+does+not+match+a+pre-registered+value.&state=OBclf3I3ODoKKD5uRdD97AozInK1iUF2#
and nothing happens.
local.gl.com is mapped to my development server address on /etc/hosts
my redirection URI on the soundcloud developers page is
http://local.gl.com:8080/ and on my settings.py I have:
SOCIAL_AUTH_NEW_USER_REDIRECT_URL = '/users/register/'
SOCIAL_AUTH_LOGIN_REDIRECT_URL = '/'
On the .html file I have
soundcloud
Which is basically the same thing I'm using for Facebook, which is working.
I've tried everything that I could find on SO, including registering a new app with soundcloud but I always get the same error.
Any suggestions?
I just had to change the redirect URI on soundcloud page to
http://local.gl.com:8080/complete/soundcloud/
I had already tried that but I had a different error on the settings.py that I hadn't realised, so I was also getting an error with that uri
There is an edit page on my GAE app only the admin can log in. It works well on GAE server. But on the local dev machine, when I go to
http://localhost:9080/editpage
it says
Current logged in user test#example.com is not authorized to view this page.
How can I change test#example.com to my admin account?
I use python.
You can go directly to /_ah/login and change who you're logged in as. (Or to log out, or to change user/admin-status.)
You have already logged-in as test#example user, clear browser data and try again.
In the login page, check the checkbox "Sign in as Administrator" to login as admin.
I'm trying to find a way to allow users to log into my django website using the facebook login button. (https://developers.facebook.com/docs/reference/plugins/login/) I've found a way to login with OAuth, but I cannot find a way to have the facebook login button to use OAuth instead of the SDK, or to hook the SDK into one of the django social auth apps.
I've tried several of the top auth plugins, and they either don't work at all or only use OAuth and don't support the login button.
I think that login through the facebook javascript SDK would not be able to set any session info on the django backend . DO be able to complete the django login process you will have to do that as well.
Could you possibly make an ajax request in the callback of javascript login and run the django backend login code such that you are also able to set django session info .
I should warn you this may not work at all because of CORS .