GAE: Authenticating via native iOS Facebook client? - python

I'm developing an application where the user will be able to log in via his Facebook account to use my GAE backend. I know that I have to first create a Facebook session on my iOS device (via the Facebook SDK or SimpleAuth) and pass it to GAE, but how do I do that? I know there is an option to use Lean-Engine, however it is Java based and my app is in Python and the iOS classes aren't quite that ready yet.
I'd like to use the Endpoints API to exchange data between the iOS device and GAE, but apparently it requires using a Google account for login, according to this article. However, this is not as crucial. I want to avoid the user having to fill in any kind of username/password to log in to the backend application.
How can I achieve this?

Related

OKTA: Best approach for authenticating users in custom web portal

I'm new to Okta and I'm having a tough time wrapping my head around what I need to do in order to authenticate users.
I'm writing a web portal for a company that already uses Okta internally.
They have requested that I use Okta to authenticate users. That is the only Okta integration requirement.
The portal uses vanilla JS/CSS/HTML5 on the front end, and a custom Python api layer and Python back end for serving data.
I've read through the guide over at http://developer.okta.com/docs/guides/pysaml2.html and I can't help but think this seems like overkill to simply authenticate users.
I saw that when I created a sample app that I could create the app with Secure Web Authentication rather than SAML. Is that advisable in my case? Do we need to use SAML?
If SAML is the correct approach, I'm feeling a bit lost after reading through the documentation about where to even begin. The app itself isn't really a Python app, although Python is used.
I have the Okta app created. I have the custom web app created with a custom Python backend and API layer.
Any tips on how to connect the two in order to authenticate users?
Have you seen this: http://developer.okta.com/docs/guides/okta_sign-in_widget
Seems most appropriate to your situation.

What is the right way to use django-allauth with tastypie?

I'm writing a Django app that uses django-allauth for Facebook integration, and uses django-tastypie for a backend for an iOS app. The iOS app will use the native Facebook iOS SDK. I'd like to be able to sign up and verify both Facebook and non-Facebook users from the iOS app, in addition to the website.
The issue is that django-allauth doesn't seem to have an API that can be accessed externally. The only clean way to plugin to allauth's functionality seems to be via Django template tags. Is there a way I can expose this functionality to be used with tastypie?
Django-allauth is all open source, so I've tried to parse through the code. My initial idea is to authenticate users on the iOS side using the native Facebook SDK, and then manually fill in information for SocialAccount, SocialToken, and add the SocialAccount to SocialApp (those are all django-allauth models). However, that seems to be quite a hacky solution. I'd love a way to cleanly create all those models given a Facebook ID, or something similar.
Update:
There's been some discussion concerning this issue on the GitHub. Basically, there's no built-in functionality yet. I'm going to whip up a custom solution that only deals with Facebook (because that's all I'm using in my application). I'll post what I did here later if it works.
A quick look into django-allauth shows that they are using the SocialAccount model to hold data on the specific method of authentication and type of social account.
You need to create an API endpoint based on the SocialAccount model. You need to pass it variables like: account type (facebook, local, twitter etc.) and additional auth variables needed by social auth providers. Then, in your code, you can create SocialAccount model instances, feed them with data received from the API endpoint call and trigger the corresponding auth call via django-allauth. Finally, you should return the result of your auth call.
I don't see a big reason to use django-allauth for local/Facebook auth only; with some small effort you can have a whole range of social auth providers.
I used the requests library to deal with the Facebook API and it works great. I think no social login plugin for Django works for others but the author, if you want to do something seriously.
PS. I used django-rest-framework to build the rest backend for mobile apps, also including local account login and social site login.

AppEngine WebService authentication handling

I'm doing a JSON WebService backend for an iPhone application. Is there any best practice or existing frameworks (I use Python) to handle authentication and keeping a session between requests? I guess you use some form of ticket system because you can't use regular sessions like with web browsers?
You should definitely go for OAuth.
Have a look at the gtm-oauth library; it allows Cocoa applications to sign in to services using OAuth for authentication and authorization, and it works with Google APIs and with any standard OAuth provider.
Check this blog post for further information.

How to make Facebook Login possible in Django app ?

I have created a Django application. The app has a login functionality.
Can somebody help me find a way to make it possible to log in using Facebook credentials, or point me to some tutorials to implement it?
Summary:
https://github.com/mlavin/django-all-access
https://github.com/pennersr/django-allauth
https://github.com/omab/django-social-auth
https://github.com/uswaretech/Django-Socialauth
https://github.com/hiidef/oauth2app
https://github.com/timetric/django-oauth
https://github.com/daaku/django-oauth-consumer
https://github.com/eldarion/django-oauth-access
https://github.com/dgouldin/python-oauth2
https://github.com/henriklied/django-twitter-oauth
https://launchpad.net/django-openid-auth
https://www.djangopackages.com/grids/g/oauth/
http://peterhudec.github.io/authomatic/
django-all-access
django-all-access is a reusable application for user registration and authentication from OAuth 1.0 and OAuth 2.0 providers such as Twitter and Facebook.
The goal of this project is to make it easy to create your own workflows for authenticating with these remote APIs. django-all-access will provide the simple views with sane defaults along with hooks to override the default behavior.
There is a simple demo application running at http://allaccess-mlavin.dotcloud.com/ The full source of this application is included in the repository.
django-allauth
Integrated set of Django applications addressing authentication, registration, account management as well as 3rd party (social) account authentication.
Supported Flows
Signup of both local and social accounts
Connecting more than one social account to a local account
Disconnecting a social account -- requires setting a password if only the local account remains
Optional instant-signup for social accounts -- no questions asked
E-mail address management (multiple e-mail addresses, setting a primary)
Password forgotten flow
E-mail address verification flow
Supported Providers
Dropbox (OAuth)
Facebook (both OAuth2 and JS SDK)
Github
Google (OAuth2)
LinkedIn
OpenId
Persona
SoundCloud (OAuth2)
Stack Exchange (OAuth2)
Twitch (OAuth2)
Twitter
Weibo (OAuth2)
Django Social Auth
Django Social Auth is an easy way to setup social authentication/authorization mechanism for Django projects.
Crafted using base code from django-twitter-oauth and django-openid-auth, it implements a common interface to define new authentication providers from third parties.
Supported Providers
Google OpenID
Google OAuth
Google OAuth2
Yahoo OpenID
OpenId like myOpenID
Twitter OAuth
Facebook OAuth
Django-Socialauth
What it does
Allow logging in via various providers.
Import contacts from various third party sites, to find out which of your friends already use our service.
Logging In
This is an application to enable authentication via various third party sites.
In particular it allows logging in via
Twitter
Gmail
Facebook
Yahoo (essentially OpenID)
OpenId
oauth2app
The oauth2app module helps Django site operators provide an OAuth 2.0 interface. The module is registered as an application.
django-oauth
This is a forked version of David Larlet's django-oauth.
One very important difference is that this version requires that you be running a real cache behind Django's caching framework.
django-oauth-access
Supported Providers
Twitter
LinkedIn
Yahoo
Facebook (using OAuth 2.0 — it is functional, but needs more work)
Likely any OAuth 1.0a compliant site
django-oauth-consumer
A django application providing infrastructure for consuming OAuth services. It is not for providing OAuth services.
Also useful:
http://developers.facebook.com/docs/guides/web/#login
http://developers.facebook.com/docs/guides/canvas/#auth
https://github.com/dgouldin/python-oauth2
https://github.com/henriklied/django-twitter-oauth
https://launchpad.net/django-openid-auth
https://www.djangopackages.com/grids/g/oauth/
http://peterhudec.github.io/authomatic/examples/django-simple.html
I highly recommend using django-social-auth. The README is very complete, and it also includes information for authenticating against other OAuth sources such as twitter, and against OpenID sources like Google and Yahoo. Of course, if you just wanted Facebook authentication, you can just use it for that.
There's also an included example application, which gives you some sample code to play with.
For mobile applications: if you are developing an application for iOS/Android with Django in the backend, what you can do is log in to Facebook in the frontend using the Facebook iOS/Android API. But this is not the final login for your app. Upon Facebook login, Facebook gives you an access token, which you can then send to your Django backend along with your Facebook username/email. In the backend, Django can use something like the Facebook Python SDK to verify the username/access-token pair by communicating with Facebook. If verified, you can finally log in the user for your app.
Using the Python SDK is easy; just read the tutorial and you will be communicating with Facebook in seconds.
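The server-side check described in the answer above, as an added example that is not part of the original answer: it calls the Graph API `debug_token` endpoint directly instead of the Facebook Python SDK, and rejects a token that is invalid, expired, issued to another app, or owned by a different user than the client claims. The function names, the app id/secret and the sample responses are constructed for illustration.

```python
import json
import time
import urllib.parse
import urllib.request

DEBUG_URL = "https://graph.facebook.com/debug_token"

class TokenRejected(Exception):
    """The client-supplied token must not be used to log anyone in."""

def fetch_debug_token(user_token, app_id, app_secret):
    # Server-to-server call, authenticated with the app token "id|secret".
    query = urllib.parse.urlencode(
        {"input_token": user_token, "access_token": f"{app_id}|{app_secret}"})
    with urllib.request.urlopen(f"{DEBUG_URL}?{query}", timeout=5) as resp:
        return json.load(resp)

def verify_facebook_token(user_token, claimed_user_id, app_id, app_secret,
                          fetch=fetch_debug_token, now=time.time):
    """Return the Facebook user id vouched for by Facebook, or raise."""
    data = fetch(user_token, app_id, app_secret).get("data") or {}
    if data.get("is_valid") is not True:
        raise TokenRejected("invalid or revoked token")
    # A valid token issued to some other app proves nothing about our user.
    if str(data.get("app_id")) != str(app_id):
        raise TokenRejected("token issued to a different app")
    expires_at = data.get("expires_at") or 0  # 0: no expiry reported
    if expires_at and expires_at <= now():
        raise TokenRejected("token expired")
    # The id or e-mail sent by the client is only a claim; compare it with
    # the user_id Facebook reports and key the local account on that.
    user_id = str(data.get("user_id") or "")
    if not user_id or user_id != str(claimed_user_id):
        raise TokenRejected("token does not belong to the claimed user")
    return user_id

# Constructed sample responses (not captured from Facebook).
SAMPLE_OK = {"data": {"is_valid": True, "app_id": "1111", "user_id": "42",
                      "expires_at": 2_000_000_000}}
SAMPLE_OTHER_APP = {"data": {**SAMPLE_OK["data"], "app_id": "9999"}}

def demo():
    results = []
    for sample in (SAMPLE_OK, SAMPLE_OTHER_APP):
        try:
            results.append(verify_facebook_token(
                "tok", "42", "1111", "secret", fetch=lambda *a: sample,
                now=lambda: 1_700_000_000))
        except TokenRejected as exc:
            results.append(str(exc))
    return results
```

Only after this check passes should the backend create its own session for the user; the Facebook token itself does not need to be kept as the app's session credential.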
The new way of doing that is by using python-social-auth, as django-social-auth was deprecated in favor of python-social-auth and now supports other frameworks than Django such as Flask, Pyramid, Web.py and Tornado.
It also supports other major auth providers such as Microsoft, Google, Twitter, Amazon, GitHub and many more.
Here is a quick get-started way to configure it on Django:
How to sign in with the Google+ API using Django?
I can totally recommend django-allauth.
It just works!

Google App Engine Python Authentication from API

I'm currently building a Python webapp on the Google App Engine and I want to expose various parts of my application via a JSON API. This API may be used in the form of a mobile client, or (for the purposes of testing) a headless Python script.
I need to be able to authenticate users before they perform operations on the API. I notice that the Users API does not support simple authentication [in the form of authenticate(username, password)] so merely sending the username/password to a URL and then later using some given token would not work.
Ultimately, I would like the application to use Facebook Connect in addition to its own logins.
Could somebody please suggest the best way to authenticate users in this situation, using a remote JSON API and the Google App Engine?
Cheers
You might want to check out the recently released oauth support. Failing that, you can implement your own authentication, for example by using simple or digest authentication.
Just for the record, I ended up going with the wonderful Tipfy framework in the end.
