stackoom
  简体   繁体   中英

How to permit only users with a particular domain to login? Django google authentication

 原文  2022-04-30 22:55:56       python/ django/ google-authentication/ python-social-auth

Question

I'm trying to limit the access to a page only to logged users. I used the google authentication, but it let every account to log in; instead i want to avoid every domains different from 'fermi.mo.it'. A google account like luca@gmail.com shouldn't be able to login, while an account like luca@fermi.mo.it should be able to.

I noticed this code to make it, but it doesnt work. It says: "No module named 'social_core'" but i installed it.

AUTHENTICATION_BACKENDS = (
    'social_core.backends.google.GoogleOAuth2',
    'django.contrib.auth.backends.ModelBackend',
)
SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS = ['fermi.mo.it']

These are all the modules that i installed:

2 answers

solution1
 0  2022-05-01 00:32:58

If django is not able to find the module, make sure that you have added the 'social_django' ro installed apps.

Other soution is that you can create a validator at level Serializer or model according you. Which of them choose? That's other topic.

  1. Django Model field validation vs DRF Serializer field validation
  2. How to validate against full model data in DjangoREST Framework

You only have to check if the email contains the string 'fermi.mo.it' . If don't, raise and exception.

The documentation of each one: Django Validators and Validators DRF .

solution2
 0  2022-08-30 13:20:05

I can see that OP has already installed the app

pip install social-auth-app-django

So, now OP needs to

1 Ensure one has added the application to INSTALLED_APPS setting 

INSTALLED_APPS = (
    ...
    'social_django',
    ...
)

2 After that, sync the database to create needed models 

./manage.py migrate

3 Then, one wants to limit the emails that Google shows in the list 

SOCIAL_AUTH_GOOGLE_OAUTH2_AUTH_EXTRA_ARGUMENTS = {
        'hd': 'fermi.mo.it'
    }

Since OP wants

to allow everyone for @companyname.net and only some specific others from other domains.

then OP can keep using SOCIAL_AUTH_<BACKEND_NAME>_WHITELISTED_DOMAINS as OP is already doing and also introduce SOCIAL_AUTH_<BACKEND_NAME>_WHITELISTED_EMAILS to add the specific emails OP wants also to login.

4 Finally, one wants to limit the emails that can sign in 

SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS = ['fermi.mo.it']

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to restrict the login google api with specific domain name only? Django only login for shell created users How to crawl links to a particular domain by searching on Google? how to add otp authentication in django login page django login users to their portal Login and Authentication in Django Django user login authentication How to display all the users created by a particular user in django? How to get the most liked users on a particular date in django how to prevent normal users to access the particular html page in django?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM