How to Authenticate a Django user from another application
Question
I want to redirect a user from my Django application to another web application. Only permitted users can be allowed access to visit the other web application, this permission is set in the Django User model. I want that other web application to verify whether the visited user has permission by querying the Django application using API endpoint.
But the other web application no longer has the request.user parameter or other way to authenticate the user based on Django User model (don't wan't him to login again). Is there any way like setting a cross-domain session cookie or something, i can achieve it?
1 answers
solution1
0 2017-06-03 23:39:09
I did that recently.
You don't even need the second app to retrieve the users, you can create those users on the fly!
On the first app, have them click a url that will do a very special GET request to the other app.
The GET request will encode a few variables with hmac. Name, emails, or any other values you need using a particular SECRET_KEY that both server will share.
In the second app, you can decode that request with the same SECRET_KEY and log in your user.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.