Lighting talk on django-social-auth

Registration &AuthenticationA story about Django and OAUTH

Daniel Greenfeld @pydanny Who am I? Daniel Greenfeld (@pydanny) Pythonista at Cartwheel Djangonaut at Revsys http://opencomparison.org Fiancé of Audrey Royhttp://www.ﬂickr.com/photos/pydanny/4442245488

Why am I talking?

We have needs

Daniel Greenfeld @pydannyWhat we need

Daniel Greenfeld @pydanny What we need• Registration of new users

Daniel Greenfeld @pydanny What we need• Registration of new users• Authentication of existing users

Daniel Greenfeld @pydanny What we need• Registration of new users• Authentication of existing users• Unless we are an ad-click content farm

Daniel Greenfeld @pydannyUse OAUTH

Daniel Greenfeld @pydanny Use OAUTH• People use Twitter/Facebook/etc

Daniel Greenfeld @pydanny Use OAUTH• People use Twitter/Facebook/etc• Fewer passwords to memorize

Daniel Greenfeld @pydanny Use OAUTH• People use Twitter/Facebook/etc• Fewer passwords to memorize• Our site needn’t store passwords

Daniel Greenfeld @pydanny Use OAUTH• People use Twitter/Facebook/etc• Fewer passwords to memorize• Our site needn’t store passwords• Twitter/Facebook/etc gets to worry about security

But OAUTH is a pain

Everyone implements it differently

Daniel Greenfeld @pydannyDifferent ﬂavors

Daniel Greenfeld @pydanny Different ﬂavors• Twitter

Daniel Greenfeld @pydanny Different ﬂavors• Twitter• Facebook

Daniel Greenfeld @pydanny Different ﬂavors• Twitter• Facebook• Google

Daniel Greenfeld @pydanny Different ﬂavors• Twitter• Facebook• Google• Linkedin

Daniel Greenfeld @pydanny Different ﬂavors• Twitter• Facebook • Github (YAY!)• Google• Linkedin

Daniel Greenfeld @pydanny Different ﬂavors• Twitter• Facebook • Github (YAY!)• Google • Facebook ARGH• Linkedin

Daniel Greenfeld @pydanny Different ﬂavors• Twitter• Facebook • Github (YAY!)• Google • Facebook ARGH• LinkedinThe OAUTH speciﬁcation is not honored well

Daniel Greenfeld @pydanny Different ﬂavors • Twitter • Facebook • Github (YAY!) • Google • Facebook ARGH • Linkedin The OAUTH speciﬁcation is not honored wellImplementation changes are sometimes not announced

You want a tool used by many people

Many people means lots of eyes

Let’s ﬁnd a tool!

Daniel Greenfeld @pydanny Django Auth Optionshttp://djangopackages.com/grids/g/authentication/

Daniel Greenfeld @pydanny Django Auth Options Dozens more if you scrollhttp://djangopackages.com/grids/g/authentication/

Daniel Greenfeld @pydanny Many problems• django-tastypie and Piston are for APIs• Most of these lack tests• Most of these lack documentation• Bad code smell

They all suck for OAUTH?

One Good Tool!

Daniel Greenfeld @pydanny django-social-auth• https://github.com/omab/django-social-auth• http://django-social-auth.rtfd.org

Daniel Greenfeld @pydannydjango-social-auth

Daniel Greenfeld @pydanny django-social-auth• Tests!

Daniel Greenfeld @pydanny django-social-auth• Tests!• Docs!

Daniel Greenfeld @pydanny django-social-auth• Tests!• Docs!• Good code smell!

Daniel Greenfeld @pydanny Statisticshttp://djangopackages.com/packages/p/django-social-auth/

Daniel Greenfeld @pydanny Statistics Many downloadshttp://djangopackages.com/packages/p/django-social-auth/

Daniel Greenfeld @pydanny Statistics Ongoing development Many downloadshttp://djangopackages.com/packages/p/django-social-auth/

Daniel Greenfeld @pydanny Statistics Ongoing development Many downloads Many eyes on the problemhttp://djangopackages.com/packages/p/django-social-auth/

Usingdjango-social-auth

Daniel Greenfeld @pydanny Get the dependencypip install django-social-auth==0.5.13

Daniel Greenfeld @pydanny Part I: settings.pyINSTALLED_APPS = ( ... social_auth, ...)AUTHENTICATION_BACKENDS = ( social_auth.backends.contrib.github.GithubBackend,# keep this so you have that admin level backend access! django.contrib.auth.backends.ModelBackend,)

Daniel Greenfeld @pydanny Part II: settings.pyfrom django.template.defaultfilters import slugifySOCIAL_AUTH_ENABLED_BACKENDS = (github,)SOCIAL_AUTH_COMPLETE_URL_NAME = socialauth_completeSOCIAL_AUTH_ASSOCIATE_URL_NAME = associate_completeSOCIAL_AUTH_DEFAULT_USERNAME = lambda u: slugify(u)SOCIAL_AUTH_EXTRA_DATA = FalseSOCIAL_AUTH_CHANGE_SIGNAL_ONLY = TrueSOCIAL_AUTH_ASSOCIATE_BY_MAIL = True # associate user via email (Usually you can just go with these as your settings)

Daniel Greenfeld @pydannyPart III: root urls.py urlpatterns = patterns("", url(, include(social_auth.urls)), ... )

Daniel Greenfeld @pydanny Part IV: proﬁle/views.pyfrom social_auth.signals import pre_updatefrom social_auth.backends.contrib.github import GithubBackendfrom profiles.models. import Profiledef github_user_update(sender, user, response, details, **kwargs): profile_instance, created = Profile.objects.get_or_create(user=user) profile_instance.save() return Truepre_update.connect(github_user_update, sender=GithubBackend)(Not specifying this view in urls - django-social-auth does it for me)

Daniel Greenfeld @pydanny Try it yourself!http://djangopackages.com/login/

Thanks!

http://www.nerdyang.com	139
http://www.mefeedia.com	13
http://yanng.sinaapp.com	7
http://www.xinyuandan.me	6
http://www.linkedin.com	2
http://xinyuandan.me	1

Lighting talk on django-social-auth

by Daniel Greenfeld

Accessibility

Categories

Upload Details

Usage Rights

6 Embeds 168

Statistics

Lighting talk on django-social-auth Presentation Transcript