Create an account

Very important

  • To access the important data of the forums, you must be active in each forum and especially in the leaks and database leaks section, send data and after sending the data and activity, data and important content will be opened and visible for you.
  • You will only see chat messages from people who are at or below your level.
  • More than 500,000 database leaks and millions of account leaks are waiting for you, so access and view with more activity.
  • Many important data are inactive and inaccessible for you, so open them with activity. (This will be done automatically)

0Day Forums Coding FrameWork Django Plug in django-allauth as endpoint in django-rest-framework

Thread Rating:
  • 462 Vote(s) - 3.55 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Options
Plug in django-allauth as endpoint in django-rest-framework

Offline spiroseukauaki


Member
*
Member
Posts: 1
Threads: 1
Joined: Sep 2018
Reputation: 0
Level: 1 [Level]
Total Points: 0
Rank 0 / 1
99% to upload Level
Rank
Activity 0 / 1
99% to upload your Rank
Activity
Experience 1
99% to upload Experience
Experience

Points: 50
#1
08-02-2023, 03:46 PM
I'm using django-allauth on my website for social logins. I also have a REST API powered by django-rest-framework that serves as the backend of a mobile app. Is there a way I can directly plug in allauth's authentication backend to the REST api so that I can validate (and register) users who use Facebook login in the mobile app?

To clarify: The Facebook login part is handled by native SDKs. I need an endpoint that works like `POST /user` (that is, creates a new user), but takes Facebook oauth token as input instead of email/password etc.
Reply

Offline zendejas269


Valued member
***
Valued member
Posts: 0
Threads: 0
Joined: Sep 2020
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#2
08-02-2023, 04:15 PM
While I'm not quite sure how to use allauth and rest-fremework together, [allauth does not offer such an endpoint][1].<br>
<br>
Suggestion: make your own that does a variation of the following:<br>
Call allauth.socialaccount.providers.facebook.views.fb_complete_login(None, socialtoken) where socialtoken is as created in login_by_token. That performs (a few functions deeper) a django.contrib.auth.login, possibly creating the acct.<br>
<br>
After that, for use on mobile devices, it might be possible to the the auth (not FB) token: get the user data (from session?), and call rest_framework.authtoken.views.obtain_auth_token<br>
<br>
Notes:<br>
1. This offers no way to resolve email conflicts or connect social/local accts.<br>
2. I haven't tried it - please post code if you can get it working.


[1]:

[To see links please register here]

Reply

Offline Sirplenitide586


Member
*
Member
Posts: 0
Threads: 0
Joined: Nov 2017
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#3
08-02-2023, 04:36 PM
You could use djoser but I don't know how it cooperates with allauth:

[To see links please register here]

Reply

Offline carlinzmui


Valued member
***
Valued member
Posts: 0
Threads: 0
Joined: Apr 2018
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#4
08-02-2023, 04:50 PM
You can use this libray for social authentication [django-rest-framework-social-oauth2] [0]. Try this django-allauth related code


# urls.py

urlpatterns = [
url(
r'^rest/facebook-login/$',
csrf_exempt(RestFacebookLogin.as_view()),
name='rest-facebook-login'
),
]

#serializers.py

class EverybodyCanAuthentication(SessionAuthentication):
def authenticate(self, request):
return None

#views.py

class RestFacebookLogin(APIView):
"""
Login or register a user based on an authentication token coming
from Facebook.
Returns user data including session id.
"""

# this is a public api!!!
permission_classes = (AllowAny,)
authentication_classes = (EverybodyCanAuthentication,)

def dispatch(self, *args, **kwargs):
return super(RestFacebookLogin, self).dispatch(*args, **kwargs)

def get(self, request, *args, **kwargs):
try:
original_request = request._request
auth_token = request.GET.get('auth_token', '')

# Find the token matching the passed Auth token
app = SocialApp.objects.get(provider='facebook')
fb_auth_token = SocialToken(app=app, token=auth_token)

# check token against facebook
login = fb_complete_login(original_request, app, fb_auth_token)
login.token = fb_auth_token
login.state = SocialLogin.state_from_request(original_request)

# add or update the user into users table
complete_social_login(original_request, login)
# Create or fetch the session id for this user
token, _ = Token.objects.get_or_create(user=original_request.user)
# if we get here we've succeeded
data = {
'username': original_request.user.username,
'objectId': original_request.user.pk,
'firstName': original_request.user.first_name,
'lastName': original_request.user.last_name,
'sessionToken': token.key,
'email': original_request.user.email,
}
return Response(
status=200,
data=data
)

except:
return Response(status=401, data={
'detail': 'Bad Access Token',
})

[0]:

[To see links please register here]

Reply

Offline serendipity342829


Valued member
***
Valued member
Posts: 0
Threads: 0
Joined: Jul 2020
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#5
08-02-2023, 04:52 PM
You can use [Django Rest Auth][1] for this which depends on django-allauth. It's very easy to integrate.


[1]:

[To see links please register here]

Reply

« Next Oldest
Next Newest »


Forum Jump:


Users browsing this thread:
1 Guest(s)

©0Day  2016 - 2023 | All Rights Reserved.  Made with    for the community. Connected through