I'm using django-allauth to allow users to login to a django app. I want users to be able to signup, but ONLY approved users should be able to access sensitive content. That is, a user who has signed up through the sign in page should have a pending status before accessing pages marked with the 'login-required' decorator.
I currently have django-allauth running with google-oauth2 login, and users are successfully added to my user table. Would anyone know how to set up such a system?
I did come across this post mentioning disabling signup all together, although I do want users to be able to signup, just approved, whether this is through the admin system or through an link generated that I would be able to click.
Any ideas would be much appreciated.
Related
I am building a django application in which user will be able to sign up or sign in only via their EBay account, no email/username or password required. I couldn't find any authentication library for EBay though there are many for google, facebook, twitter etc.
So I got the EBay part working. EBay basically returns (on consent of user) Email and a IEFS token which is unique to that user and wont change. I want to use those two fields only to create a authenticate user across whole application. I don't want username, emails, firstname, lastname or password that ships with django User model. The documentation is quite big and I am confused where to start, any proper suggestion will be big help. Thank you.
Here is a bit of insight, the code is yours to make :
You can extend the user model from Django and decide which field to use, you could for example create a Ebay ID field Abstract User
Once this is done you want to add the ebay ID to an user, just create an account with email and ID, the user won't need any more info
Finally allow user to connect only by email, either by overriding custom login from Django or using a package like Django Allauth
Please note that unless your site is accessible only by Ebay users, allowing user to connect with email/password is recommended.
It is perfectly doable, just make good use of the documentation
I want to do a social authentication with Google and Facebook. For that I have use social-auth-app-django. When I login with using Google it will directly create an account in django user model and redirect to my URL. But I want to fill extra required details of user, after entering detail create user after user's confirmation and don't want to directly login new user and redirect to my authenticated page.
Any suggestion is always appreciated.
Thanks.
That's basically the purpose of the partial pipelines feature on python-social-auth (docs). The idea is to pause the authentication flow at any time and resume it later, it's commonly used to ask for more details to the user, or to just send a validation email.
Check the example application here, in the settings it overrides the default pipeline with one that will ask the user for their email address.
I'm using django-allauth for my social account login. After the user completes registration, he gets logged in.
On another day, the user is already logged in with twitter/google+/facebook. How will he be able to get logged in automatically in my website?
Is there anyway, I can accomplish this preferably by a configuration setting.
Note: I'm not using email verification.
I am working on a project in a team using Django. I am trying to implement User Registration part in Django. This is what I have done so far.
I have created a separate application within my project called signup.
In this application, I am providing a page to the anonymous user to sign up for my web application. The user is able to sign in successfully and I can see him as admin inside Django Admin interface.
I am also using django-allauth. Now, I want that whenever the user signs up, the admin should accept/reject the users registration. How can I achieve that in allauth?
This is what I have done so far. I have created a separate application within my project called signup.
You don't need to do this, as Django Allauth already does it. As soon as you get it running, which takes some time, allauth will already have standard apps, with views + templates for users who want to signup, login, change password, recover password, etc.
You can make new users have to confirm an email before using your app by specifying this in settings.py
ACCOUNT_EMAIL_VERIFICATION = 'mandatory'
However, I do not see a reason why you would want to manually accept users with human input. If that is the case, I suggest removing all signup pages, and manually creating users from a shell window or admin panel on request.
If you want more detail on how to set it up, try example1 or further reading.
I've read about a lot of different apps for django for integrating social authentication to django projects. But, I'm having some trouble understanding how this integration works
Does it extends the default USER models? Where do I find those kind of information in the applications?
I basically need a user system that has groups (for permission purposes). The user would be able to register using a common registration proccess or facebook. Will I be able to achieve that with any kind of application?
Thanks in advance.
There is an app called django-allauth. If you read their official documentation, it is pretty easy to follow. As per their instructions, you install the core app, and any other authentication you need (like facebook, oauth which google uses). Then, you have to go to facebook, get developers key, and add it to your django admin.
Basically, when somebody tries to login using facebook, the signin process sends the keys to facebook, and check if the user exists. If it does, then the authentication app creates user on the backend, just like a normal signin process. You can get javascript from facebook to make a login window.