Registration &
Authentication
A story about Django and OAUTH
Daniel Greenfeld
                                                                                 @pydanny




                               Who am I?

                                                 Daniel Greenfeld (@pydanny)
                                                 Pythonista at Cartwheel
                                                 Djangonaut at Revsys
                                                 http://opencomparison.org
                                                 Fiancé of Audrey Roy


http://www.flickr.com/photos/pydanny/4442245488
Why am I talking?
We have needs
       What we need

• Registration of new users
• Authentication of existing users
• Unless we are an ad-click content farm
        Use OAUTH

• People use Twitter/Facebook/etc
• Fewer passwords to memorize
• Our site needn’t store passwords
• Twitter/Facebook/etc gets to worry about security

But OAUTH is a pain

Everyone implements it differently
Different flavors

• Twitter
• Facebook
• Google
• LinkedIn
• GitHub (YAY!)
• Facebook ARGH

The OAUTH specification is not honored well
Implementation changes are sometimes not announced

You want a tool used by many people

Many people means lots of eyes
Let’s find a tool!
Django Auth Options

Dozens more if you scroll

http://djangopackages.com/grids/g/authentication/
       Many problems

• django-tastypie and Piston are for APIs
• Most of these lack tests
• Most of these lack documentation
• Bad code smell
They all suck for OAUTH?
One Good Tool!
    django-social-auth


• https://github.com/omab/django-social-auth
• http://django-social-auth.rtfd.org
    django-social-auth

• Tests!
• Docs!
• Good code smell!
Statistics

• Many downloads
• Ongoing development
• Many eyes on the problem

http://djangopackages.com/packages/p/django-social-auth/
Using django-social-auth
    Get the dependency


pip install django-social-auth==0.5.13
Part I: settings.py

INSTALLED_APPS = (
    ...
    'social_auth',
    ...
)

AUTHENTICATION_BACKENDS = (
    # GitHub OAuth login through django-social-auth
    'social_auth.backends.contrib.github.GithubBackend',
    # keep this so you have that admin level backend access!
    'django.contrib.auth.backends.ModelBackend',
)
         Part II: settings.py
from django.template.defaultfilters import slugify
SOCIAL_AUTH_ENABLED_BACKENDS = ('github',)
SOCIAL_AUTH_COMPLETE_URL_NAME = 'socialauth_complete'
SOCIAL_AUTH_ASSOCIATE_URL_NAME = 'associate_complete'
SOCIAL_AUTH_DEFAULT_USERNAME = lambda u: slugify(u)
SOCIAL_AUTH_EXTRA_DATA = False
SOCIAL_AUTH_CHANGE_SIGNAL_ONLY = True

SOCIAL_AUTH_ASSOCIATE_BY_MAIL = True # associate user via email



 (Usually you can just go with these as your settings)
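
What SOCIAL_AUTH_ASSOCIATE_BY_MAIL = True means for account linking, as an added example (not code from the talk or from django-social-auth): linking on an email match is only as trustworthy as the provider's email verification, so this decision function links automatically only when a trusted provider reports the address as verified. SocialLogin, resolve, the email_verified flag, the trusted-provider set and all sample data are hypothetical.

```python
# Added example; not django-social-auth code. All names and data are constructed.
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class SocialLogin:
    provider: str
    uid: str                      # provider's stable account id
    email: Optional[str] = None
    email_verified: bool = False  # assumption: the backend surfaces this flag

# Constructed sample state.
LOCAL_USERS = {"alice@example.com": "alice"}   # email -> local username
LINKED = {("github", "1001"): "bob"}           # (provider, uid) -> local username
TRUSTED_FOR_EMAIL = frozenset({"github"})      # assumption: providers whose flag we trust

def resolve(login, users=LOCAL_USERS, linked=LINKED, trusted=TRUSTED_FOR_EMAIL):
    """Return (action, username) for an incoming social login."""
    # 1. An existing (provider, uid) link wins: the uid, not the email, is the identity.
    user = linked.get((login.provider, login.uid))
    if user is not None:
        return ("login", user)
    # 2. No email, or no local account with it: ordinary registration.
    email = (login.email or "").strip().lower()
    owner = users.get(email) if email else None
    if owner is None:
        return ("register", None)
    # 3. Email matches a local account: link only if a trusted provider
    #    says the address is verified.
    if login.provider in trusted and login.email_verified:
        return ("link", owner)
    # 4. Otherwise make the person sign in to the local account before linking.
    return ("confirm_local_login", owner)

if __name__ == "__main__":
    for login in (
        SocialLogin("github", "1001"),
        SocialLogin("github", "2002", "Alice@Example.com", True),
        SocialLogin("github", "2003", "alice@example.com", False),
        SocialLogin("example-idp", "7", "alice@example.com", True),
        SocialLogin("github", "2004", "new@example.com", True),
    ):
        print(login.provider, login.uid, "->", resolve(login))
```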
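Part III: root urls.py

# Assumes Django 1.3; on Django 1.4+ import these from django.conf.urls
from django.conf.urls.defaults import patterns, include, url

urlpatterns = patterns("",
    url('', include('social_auth.urls')),
    ...
)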
          Part IV: profile/views.py
from social_auth.signals import pre_update
from social_auth.backends.contrib.github import GithubBackend

from profiles.models import Profile

def github_user_update(sender, user, response, details, **kwargs):
    # Make sure every user who signs in through GitHub has a Profile row.
    profile_instance, created = Profile.objects.get_or_create(user=user)
    profile_instance.save()
    return True

# Run the handler whenever the GitHub backend sends pre_update.
pre_update.connect(github_user_update, sender=GithubBackend)



(Not specifying this view in urls - django-social-auth does it for me)
 Try it yourself!




http://djangopackages.com/login/
Thanks!