Zero Footprint Python-Social-Auth authentication
Question
My site has regular users that use the django default User model, but for one particular functionality, I want people to be able to login using their social accounts (twitter, fb..etc) using python-social-auth without having these logins saved in the database with the user model (no accounts created, no ability to do certain normal user tasks) and with a session timeout.
I looked around for ways to do that but my little research bore no fruit. Any ideas?
Summary:
- Separation between normal users and social (so I can limit what social auth'd users can do)
- Session timeout for social auth'd users
- No addition in the User table for social auth'd users (no footprint).
- Optional: Obtain their social username and id for logging purposes.
Thanks
2 answers
solution1
1 2014-04-26 16:27:38
You can differentiate the social user by adding a custom user model for python-social-auth by adding the setting SOCIAL_AUTH_USER_MODEL . Check the setting docs at http://psa.matiasaguirre.net/docs/configuration/settings.html#user-model
solution2
0 ACCPTED 2014-04-25 23:05:49
I would try to approach this problem by using django.contrib.auth.models.Group and django.contrib.auth.models.Permission . Create one general group with custom permissions to your apps' functionality and add all your normal users to that.
Save accounts created by python-social-auth in default django.contrib.auth.models.User but create seperate Group without any permissions for them.
If necessary create some scheduled task ( either with cronjob or Celery ) which will go through users and deactivate/delete those who expired.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.