如何使用python-social-auth在代码中通过Access Token进行身份验证
[英]How to authenticate by Access Token in code using python-social-auth
问题描述
I have a REST API and I need to authenticate users via Facebook Login API. 
我有一个REST API,我需要通过Facebook Login API对用户进行身份验证。 Access Token should be obtained in mobile app (I guess) and then sent to the server. 应该在移动应用程序中获取访问令牌(我猜),然后发送到服务器。 So I have found some code in old tutorial and I can't make it work. 所以我在旧教程中找到了一些代码,但我无法使其工作。 Here's the code: 这是代码:
from social.apps.django_app.utils import strategy
from django.contrib.auth import login
from django.views.decorators.csrf import csrf_exempt
from rest_framework.decorators import api_view, permission_classes
from rest_framework import permissions, status
from django.http import HttpResponse as Response
@strategy()
def auth_by_token(request, backend):
user=request.user
user = backend.do_auth(
access_token=request.DATA.get('access_token'),
user=user.is_authenticated() and user or None
)
if user and user.is_active:
return user
else:
return None
@csrf_exempt
@api_view(['POST'])
@permission_classes((permissions.AllowAny,))
def social_register(request):
auth_token = request.DATA.get('access_token', None)
backend = request.DATA.get('backend', None)
if auth_token and backend:
try:
user = auth_by_token(request, backend)
except Exception, err:
return Response(str(err), status=400)
if user:
login(request, user)
return Response("User logged in", status=status.HTTP_200_OK)
else:
return Response("Bad Credentials", status=403)
else:
return Response("Bad request", status=400)
When I try to send POST request with parameters, I get this error: 当我尝试使用参数发送POST请求时,我收到此错误:
'unicode' object has no attribute 'do_auth'
I found an example in official documentation , it uses @psa('social:complete') decorator: 我在官方文档中找到了一个例子,它使用@psa('social:complete')装饰器:
from django.contrib.auth import login
from social.apps.django_app.utils import psa
# Define an URL entry to point to this view, call it passing the
# access_token parameter like ?access_token=<token>. The URL entry must
# contain the backend, like this:
#
# url(r'^register-by-token/(?P<backend>[^/]+)/$',
# 'register_by_access_token')
@psa('social:complete')
def register_by_access_token(request, backend):
# This view expects an access_token GET parameter, if it's needed,
# request.backend and request.strategy will be loaded with the current
# backend and strategy.
token = request.GET.get('access_token')
user = backend.do_auth(request.GET.get('access_token'))
if user:
login(request, user)
return 'OK'
else:
return 'ERROR'
But what if I need to pass backend name in request body? 但是如果我需要在请求体中传递后端名称呢?
2 个解决方案
解决方案1
4 已采纳 2014-10-31 18:30:01
It should be request.backend.do_auth(request.GET.get('access_token')) . 它应该是request.backend.do_auth(request.GET.get('access_token')) 。
I've updated the docs with the right snippet
http://psa.matiasaguirre.net/docs/use_cases.html#signup-by-oauth-access-token
https://python-social-auth.readthedocs.io/en/latest/use_cases.html#signup-by-oauth-access-token . 我已使用正确的代码更新了文档
http://psa.matiasaguirre.net/docs/use_cases.html#signup-by-oauth-access-token
https://python-social-auth.readthedocs.io/en /latest/use_cases.html#signup-by-oauth-access-token 。
解决方案2
2 2015-04-16 07:57:29
您现在可以使用此库https://github.com/ ,使用来自任何python-social-auth后端(Facebook,Google,Github等)的持有令牌/第三方访问令牌,针对您的django-rest-framework对您的用户进行身份验证PhilipGarnero / Django的休息框架,社会的oauth2
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.