Google Authentication for tkinter/discord/rails app - python

Background info
I'm currently in the process of making a system that tracks work sessions, and the shifts done by people in those sessions. It will consist of a discord bot for alerts and responses to invites, a python app for initiating these sessions & invites, and eventually a rails web app for everything. Users will log on with their google accounts. MySQL database currently stores all the data.
Question
I want to make it so my python script (and eventually web app) users can log on using their Google accounts. What's the simplest use of OAuth2 to just get the user's email? The SQL database has their email and it would be nice to just have some simple call to the Google API that returns the email of the user, so I can cross-reference that with my user table to find which user is logging on.
Also...
This isn't just me being lazy and wanting someone else to give me the code for this project, I've actually done Google authentication before with accessing spreadsheets shared with users, however in this example I feel as though it could be simplified as I don't need access to any of the user's Google account, just which email they used to sign in, and I can't find a way myself.
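One way to ask Google for the sign-in identity only, as an added example that is not code from the original post: it requests the "openid email" scopes and checks the resulting ID-token claims before the email is used for the user-table lookup. The function names are hypothetical, and the code-for-token exchange and the signature check of the ID token are assumed to be done by an OAuth library before email_from_claims is called.

```python
import hmac
import secrets
import time
from urllib.parse import urlencode

# Google's OAuth 2.0 authorization endpoint and the issuers it puts in ID tokens.
AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth"
GOOGLE_ISSUERS = {"https://accounts.google.com", "accounts.google.com"}


def build_auth_request(client_id, redirect_uri):
    """Return (url, state, nonce) for a sign-in that asks for identity only."""
    state = secrets.token_urlsafe(32)  # ties the callback to this browser session
    nonce = secrets.token_urlsafe(32)  # ties the ID token to this request
    query = urlencode({
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "response_type": "code",
        "scope": "openid email",       # no Sheets/Drive/Calendar access requested
        "state": state,
        "nonce": nonce,
    })
    return f"{AUTH_ENDPOINT}?{query}", state, nonce


def email_from_claims(claims, client_id, expected_nonce, now=None):
    """Return the email from ID-token claims, or raise ValueError.

    Assumption: the token signature was already verified against Google's keys.
    """
    now = time.time() if now is None else now
    if claims.get("iss") not in GOOGLE_ISSUERS:
        raise ValueError("unexpected issuer")
    if claims.get("aud") != client_id:
        raise ValueError("token was issued to a different client")
    if claims.get("exp", 0) <= now:
        raise ValueError("token expired")
    got_nonce = str(claims.get("nonce", "")).encode()
    if not hmac.compare_digest(got_nonce, expected_nonce.encode()):
        raise ValueError("nonce mismatch")
    email = claims.get("email")
    if not email or claims.get("email_verified") is not True:
        raise ValueError("no verified email in token")
    return email.lower()  # normalise case for the user-table lookup
```

The state value returned by build_auth_request has to be compared with the state parameter on the callback before the authorization code is exchanged.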

Related

Customizing features within my Discord.py bot through its website

I have many features that can be customized within the bot and using the commands itself, but this can get confusing and may be bugged at times.
Would there be a way to allow users to log into the website using Discord's API and to customize the bot from there?
It's similar to how MEE6 or carl and these bots allow users to customize or buy a premium version, but just can't seem to find how I can do this myself.
An example is, a user can head onto the website and can turn on the moderation module through their account they have signed in with. This would then connect with the bot in my python file, or change the config json file with the user id, setting moderation = "True".
First of all, to "log in with discord" on your site you'll need to use discord's OAuth2. If you're storing your data in a json file (which I wouldn't recommend for scalability anyway), then you'll have to run your site from the same server as your bot and edit it there. However, you'd be better off in both ways using a cloud-hosted database such as PostgreSQL (SQL) or MongoDB (noSQL). Both of those can either be hosted locally on your machine, or by them in the cloud for free. Personally, I prefer MongoDB. That way you can run your site from wherever and update your database.

Automatically input username and password for OAuth

I am running a research project where we create the participant's Jawbone accounts. I am writing a piece of program that captures all of the participants' step counts. I am wondering how I can feed the username and password without having this page below pop up.
In essence, I want to streamline the process so that I can get the oauth access token without any user manual input. I am writing all of this in Python (Google App Engine).
The only way to avoid that page is to have already stored the OAuth tokens for the user. As part of the OAuth protocol, each user has to grant your application access to the data.
How are you planning to gather the users' accounts and credentials?
I would recommend that instead of gathering users' emails and passwords manually, you:
Build a simple sign up flow in your app according to the UP Authentication doc.
Have your users run that flow
Save their OAuth tokens for later use

Importing user data into django-allauth from a legacy database

I have a web application that is currently written in rather messy PHP with a messy database that I'm in the process of migrating to Django. I have set it up in my project as a legacy database and have generated models using inspectdb, so I think I can fairly easily write a script to translate old database to new, but I'm not sure how to tackle the user side.
Originally the app had some sort of Facebook integration, but this broke a few years ago when Facebook changed their side. The current users table has Facebook IDs for some users, but no other Facebook data (some users have also set email addresses and local passwords too).
I have a basic install of django-allauth with the Facebook integration set up and working, so can I import all of the users somehow? Those with the local alternative login-credentials (whether with a Facebook ID or not) are probably more important than the ones that only have a Facebook ID, so should I just use the standard Django create user methods and let users re-enable their own Facebook integration at a later time?

Migrate users from Google App Engine to Google OpenID

I migrated away from Google App Engine several months ago. But I am still relying on it for authentication, because my users are identified by their user_id attribute on GAE.
For this purpose my (now external) applications redirect the user to a Google App Engine application using an encrypted, signed and timestamped login request. The GAE application then performs the login using GAE's "Users" service. After successfully being logged-in on GAE, the user is again redirected using an encrypted, signed and timestamped response to my external application.
The rudimentary implementation can be found here and here. As you can see, this is very basic and relies on heavy crypto that leads to bad performance.
My external applications, in this case Django applications, are storing the user_id inside the password field of the user table. Besides the user_id, I only get the email address from GAE to store username and email in Django.
Now I would like to remove the dependency on the GAE service. The first approach which comes to mind would probably be to send an email to each user requesting him to set a new password and then perform my own authentication using Django.
I would prefer a solution which relies on Google's OpenID service so that there is actually no difference for the user. This is also preferred, because I need to send the user to Google anyway to get AuthSub tokens for the Google Calendar API.
The problem is that I couldn't find a way to get the GAE user_id attribute of a given Google Account without using GAE. OpenID and all the other authentication protocols use different identifiers.
So now the question is: Does Google provide any API I could use for this purpose which I haven't seen yet? Are there any other possible solutions or ideas on how to migrate the user accounts?
Thanks in advance!
The best way to do this is to show users a 'migration' interstitial, which redirects them to the Google OpenID provider and prompts them to sign in there. Once they're signed in at both locations, you can match the two accounts, and let them log in over OpenID in future.
AFAIK, the only common identifier between Google Accounts and Google OpenID is the email.
Get email when user logs into Google Account via your current gae setup. Use User.email(). Save this email along with the user data.
When you have emails of all (most) users, switch to Google OpenID. When user logs in, get the email address and find this user in the database.
Why don't you try a hybrid approach:
Switch to OpenId
If your application already knows the userId, you are done
If not, ask the user if he has an account to migrate
If yes, log him in with the old mechanism and transfer the account
If not, create a new account
Google has a unique identifier that's returned as a parameter with a successful OpenID authentication request - *openid.claimed_id*. If you switch to using OpenID you could essentially exchange the user_id for this parameter the first time a user logs in using the new method without the user noticing anything different about their login experience.
Documentation for the authentication process is outlined here. I'd recommend using the hybrid OpenID+OAuth approach so that you can associate your request token with a given id, then, upon return, verify that the openid.claimed_id matches your original request token.
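The hybrid migration outlined in the answers above, with the legacy user_id bound to openid.claimed_id on first login, as an added example that is not code from any of the posters. AccountStore, MigrationRequired and the method names are hypothetical, and the in-memory dictionaries stand in for the Django user table.

```python
class MigrationRequired(Exception):
    """The OpenID identity is not linked yet: offer migration or a new account."""


class AccountStore:
    """In-memory stand-in for the user table (constructed for this example)."""

    def __init__(self, legacy_users):
        # legacy_users maps the GAE user_id to the stored email address.
        self.accounts = {uid: {"email": email, "claimed_id": None}
                         for uid, email in legacy_users.items()}
        self.by_claimed_id = {}

    def login(self, claimed_id):
        """A claimed_id that is already known logs straight in."""
        if claimed_id not in self.by_claimed_id:
            raise MigrationRequired(claimed_id)
        return self.by_claimed_id[claimed_id]

    def migrate(self, claimed_id, legacy_user_id):
        """Bind claimed_id to a legacy account, once.

        legacy_user_id must come from a login through the old GAE mechanism
        in the same session, never from a form field or query parameter.
        """
        account = self.accounts.get(legacy_user_id)
        if account is None:
            raise KeyError("unknown legacy account")
        if claimed_id in self.by_claimed_id:
            raise ValueError("claimed_id is already linked to an account")
        if account["claimed_id"] is not None:
            raise ValueError("legacy account was already migrated")
        account["claimed_id"] = claimed_id
        self.by_claimed_id[claimed_id] = legacy_user_id
        return legacy_user_id

    def create(self, claimed_id, email):
        """No legacy account to migrate: create one keyed by claimed_id."""
        if claimed_id in self.by_claimed_id:
            raise ValueError("claimed_id is already linked to an account")
        key = "openid:" + claimed_id
        self.accounts[key] = {"email": email, "claimed_id": claimed_id}
        self.by_claimed_id[claimed_id] = key
        return key
```

Refusing a second binding for the same legacy account or the same claimed_id keeps a later session from taking over an account that has already been migrated.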

What is a good django library for logging in users with Twitter, Facebook or an OpenID provider?

I want to create an application that allows a user to register and login to a django application with an external provider. In addition, I then want the user to be able to associate additional accounts with that initial account. Finally, I would like the user to be able to login to the application with one of the other associated accounts.
So if a user initially signs in with Facebook Connect, I want them to be able to link their Google account. Then, if they log out, they can log in with their Google account (via openid) and it logs the user in as though they logged in via Facebook Connect.
Does anything like this exist already? Or do I need to write it myself?
The perfect solution for you seems to be Django-SocialAuth. See here. From the page:
Here is an app to allow logging in via twitter, facebook, openid, yahoo, google, which should work transparently with Django authentication system. (#login_required, User and other infrastructure work as expected.) Demo and Code
Edit: I'm pretty sure that SO uses django-SocialAuth for its login system, looking at the project's demo page.
