I took advantage of this article and posted it. Try Twitter authentication with Django as well.
[Note] twitter OAuth with pyramid http://qiita.com/maueki/items/02f001440ce409641a50
Before Twitter authentication, Django comes with user authentication from the beginning. First, let's look at that.
First, install django.
$ pip install django
This time I tried it with version 1.10.5. Python is 3.5.2. Next, create a Django project and create an administrator user.
$ django-admin startproject myoauth
$ cd myoauth
$ python manage.py migrate
$ python manage.py createsuperuser
Next, create an application.
$ python manage.py startapp app
Add the created app to INSTALLED_APPS in settings.py
. (By the way, it may be good to change the locale setting)
setting.py
INSTALLED_APPS = (
:
'app.apps.AppConfig',
)
LANGUAGE_CODE = 'ja'
TIME_ZONE = 'Asia/Tokyo'
The details of this area can be easily understood by looking at the tutorial of the head family. https://docs.djangoproject.com/ja/1.9/intro/tutorial01/
ʻLogin to urls.py` and specify the url and view for logout. view is prepared as standard. (view is a view with MTV pattern.)
urls.py
import django.contrib.auth.views
urlpatterns = [
:
url(r'^login/$',
django.contrib.auth.views.login,
{
'template_name': 'app/login.html',
},
name='login'),
url(r'^logout/$',
django.contrib.auth.views.logout,
{
'template_name': 'app/logout.html',
},
name='logout'),
]
login.html is prepared like this.
login.html
:
<form method="post" action="{% url 'login' %}">
{% csrf_token %}
<table>
<tr>
<td>{{ form.username.label_tag }}</td>
<td>{{ form.username }}</td>
</tr>
<tr>
<td>{{ form.password.label_tag }}</td>
<td>{{ form.password }}</td>
</tr>
</table>
<input type="submit" value="login" />
<input type="hidden" name="next" value="{{ next }}" />
</form>
:
Describe the URL that will be redirected after logging in to setting.py and the URL that will be moved when you access the restricted page described later.
setting.py
LOGIN_REDIRECT_URL = '/'
LOGIN_URL = '/login/'
If you add the login_required
decorator to your view, you can limit it only if you are logged in. If you are not logged in, you will be redirected to the LOGIN_URL set in setting.py.
views.py
from django.contrib.auth.decorators import login_required
@login_required
def private(request):
...
urls.py
urlpatterns = [
:
url(r'^private/$', app.views.private, name='private'),
]
You can also use the ʻuser_passes_test` decorator to add arbitrary checks to users in Lambda. The example below is limited to superuser privileges.
views.py
from django.contrib.auth.decorators import user_passes_test
@user_passes_test(lambda u: u.is_superuser)
def private(request):
...
Next, try Twitter authentication.
As a preliminary preparation, register the application from the Twitter developer page. https://apps.twitter.com
You will need these two keys.
There seem to be various options, but this time I used social-auth-app-django
. In addition to Twitter, Facebook and GitHub can be used in the same way.
$ pip install python-social-auth[django]
The version I tried this time is 1.0.0.
setting.py
INSTALLED_APPS = (
:
'social_django',
)
TEMPLATES = [
{
:
'OPTIONS': {
'context_processors': [
'django.template.context_processors.debug',
'django.template.context_processors.request',
'django.contrib.auth.context_processors.auth',
'django.contrib.messages.context_processors.messages',
'django.template.context_processors.media',
'django.template.context_processors.static',
'social_django.context_processors.backends',
'social_django.context_processors.login_redirect',
],
},
},
]
AUTHENTICATION_BACKENDS = [
'social_core.backends.twitter.TwitterOAuth',
'django.contrib.auth.backends.ModelBackend',
]
SOCIAL_AUTH_TWITTER_KEY = 'Consumer Key'
SOCIAL_AUTH_TWITTER_SECRET = 'Consumer Secret'
You can prepare a button to skip to Twitter authentication like this.
login.html
<button type="button" onclick="location.href='{% url 'social:begin' 'twitter' %}'">Twitter</button>
urls.py
urlpatterns = [
:
url(r'', include('social_django.urls', namespace = 'social')),
]
Since I added the application, I will migrate it at the end.
$ python manage.py migrate
You can now authenticate with Twitter. After authentication, it will be added to Django's standard user model, so you can check the login status in the same way as standard user authentication.
Recommended Posts