Skip to content

locarise/locarise-oauth-clients

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
locarise_oauth_clients
locarise_oauth_clients
 
 
.gitignore
.gitignore
 
 
LICENCE
LICENCE
 
 
MANIFEST.in
MANIFEST.in
 
 
README.md
README.md
 
 
setup.py
setup.py
 
 

Repository files navigation

Locarise OAuth clients

A collection of OAuth clients for accounts.locarise.com

This module implements a OAuth 2.0 clients in several popular Django social authentication apps. To install this module in your project, install with pip as follow:

pip install git+https://github.com/Locarise/locarise-oauth-clients.git

And refer to the corresponding social app.

django-allauth Client

Found in the allauth folder, this module define a OAuth Locarise provider for django-allauth.

Installation

First you will need to install django-allauth:

pip install django-allauth

Then edit the following files of your Django project:

settings.py:

TEMPLATE_CONTEXT_PROCESSORS = (
    ...
    'django.core.context_processors.request',
    ...
    'allauth.account.context_processors.account',
    'allauth.socialaccount.context_processors.socialaccount',
    ...
)

AUTHENTICATION_BACKENDS = (
    ...
    # Needed to login by username in Django admin, regardless of `allauth`
    'django.contrib.auth.backends.ModelBackend',

    # `allauth` specific authentication methods, such as login by e-mail
    'allauth.account.auth_backends.AuthenticationBackend',
    ...
)

INSTALLED_APPS = (
    ...
    'allauth',
    'allauth.account',
    'allauth.socialaccount',
    # ... include the Locarise providers:
    'locarise_oauth_clients.allauth.providers.locarise',
)

urls.py:

urlpatterns = patterns('',
    ...
    (r'^accounts/', include('allauth.urls')),
    ...
)

Go to https://accounts.locarise.com/admin and obtain your client_id and client_secret by creating a new Client in the admin interface. The callback uri is <my-site>/accounts/locarise/login/callback/.

django-social-auth Client

Installation

settings.py:

Add django-social-auth to your INSTALLED_APPS:

INSTALLED_APPS = (
    ...
    'social_auth'
)

Add social_auth context processor:

TEMPLATE_CONTEXT_PROCESSORS = (
     ..
     'social_auth.context_processors.social_auth_by_type_backends'
     ...
 )

Add Locarise OAuth2 backend to your AUTHENTICATION_BACKENDS:

AUTHENTICATION_BACKENDS = (
    'locarise_oauth_clients.social_auth.backends.locarise.LocariseOAuth2Backend',
    ...
    'django.contrib.auth.backends.ModelBackend',
)

Setup Social-Auth default authentication pipeline:

SOCIAL_AUTH_PIPELINE = (
    'social_auth.backends.pipeline.social.social_auth_user',
    'locarise_oauth_clients.social_auth.backends.locarise.associate_user_by_uid',
    'social_auth.backends.pipeline.social.associate_user',
    'social_auth.backends.pipeline.social.load_extra_data',
    'social_auth.backends.pipeline.user.update_user_details'
)

Setup required client_secret and client_id obtained from https://accounts.locarise.com/admin admin interface. The callback uri is <my-site>/complete/locarise-oauth2/.

LOCARISE_OAUTH2_CLIENT_ID      = ''
LOCARISE_OAUTH2_CLIENT_SECRET  = ''

urls.py:

urlpatterns = patterns('',
    ...
    url(r'', include('social_auth.urls')),
    ...
)

For more information, refer to django-social-auth documentation

Google Apps Auth for Internal Django Sites

Inspired by this article

The purpose is to let people login with their google accounts only from the locarise.com domain which is managed by Google. The setup is based on django-social-auth.

Installation

In your settings.py:

INSTALLED_APPS = (
    ...
    'social_auth'
)

AUTHENTICATION_BACKENDS = (
    'social_auth.backends.google.GoogleOAuth2Backend',  # putting this 1st means that most users will auth with their Google identity
    'django.contrib.auth.backends.ModelBackend',        # ...but this one means we can still have local admin accounts as a fallback
)

LOGIN_URL          = '/login/google-oauth2/'
LOGIN_ERROR_URL    = '/login-error/'

SOCIAL_AUTH_RAISE_EXCEPTIONS = False
SOCIAL_AUTH_PROCESS_EXCEPTIONS = 'social_auth.utils.log_exceptions_to_messages'  # ...assuming you like the messages framework

GOOGLE_OAUTH2_CLIENT_ID      = 'yourCLIENTidHERE'  # this is on the credentials web page from above
GOOGLE_OAUTH2_CLIENT_SECRET  = 'YOURsecretHERE'    # this is also on the credentials web page from above
GOOGLE_WHITE_LISTED_DOMAINS = ['locarise.com']  # this is what actually limits access

SOCIAL_AUTH_COMPLETE_URL_NAME  = 'socialauth_complete'
SOCIAL_AUTH_ASSOCIATE_URL_NAME = 'socialauth_associate_complete'

In urls.py:

...
from django.contrib.auth.decorators import login_required
from django.contrib.auth.views import logout
from django.views.generic import TemplateView
...

urlpatterns += patterns('',
    url(r'', include('social_auth.urls')),

    url(r'^$', TemplateView.as_view(template_name='login.html')),
    url(r'^logout/$', logout, {'next_page': '/'}, name='gauth_logout'),

    url(r'^login-error/$', TemplateView.as_view(template_name='login-error.html')),

)

In the login.html template:

<p>Use your work email credentials to sign in to this application:
  <a href="{% url 'socialauth_begin' 'google-oauth2' %}?next=/">Sign In</a>
</p>

About

Warning: Deprecated package

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages