[英]How to authenticate by Access Token in code using python-social-auth
我有一個REST API,我需要通過Facebook Login API對用戶進行身份驗證。 應該在移動應用程序中獲取訪問令牌(我猜),然后發送到服務器。 所以我在舊教程中找到了一些代碼,但我無法使其工作。 這是代碼:
from social.apps.django_app.utils import strategy
from django.contrib.auth import login
from django.views.decorators.csrf import csrf_exempt
from rest_framework.decorators import api_view, permission_classes
from rest_framework import permissions, status
from django.http import HttpResponse as Response
@strategy()
def auth_by_token(request, backend):
user=request.user
user = backend.do_auth(
access_token=request.DATA.get('access_token'),
user=user.is_authenticated() and user or None
)
if user and user.is_active:
return user
else:
return None
@csrf_exempt
@api_view(['POST'])
@permission_classes((permissions.AllowAny,))
def social_register(request):
auth_token = request.DATA.get('access_token', None)
backend = request.DATA.get('backend', None)
if auth_token and backend:
try:
user = auth_by_token(request, backend)
except Exception, err:
return Response(str(err), status=400)
if user:
login(request, user)
return Response("User logged in", status=status.HTTP_200_OK)
else:
return Response("Bad Credentials", status=403)
else:
return Response("Bad request", status=400)
當我嘗試使用參數發送POST請求時,我收到此錯誤:
'unicode' object has no attribute 'do_auth'
我在官方文檔中找到了一個例子,它使用@psa('social:complete')裝飾器:
from django.contrib.auth import login
from social.apps.django_app.utils import psa
# Define an URL entry to point to this view, call it passing the
# access_token parameter like ?access_token=<token>. The URL entry must
# contain the backend, like this:
#
# url(r'^register-by-token/(?P<backend>[^/]+)/$',
# 'register_by_access_token')
@psa('social:complete')
def register_by_access_token(request, backend):
# This view expects an access_token GET parameter, if it's needed,
# request.backend and request.strategy will be loaded with the current
# backend and strategy.
token = request.GET.get('access_token')
user = backend.do_auth(request.GET.get('access_token'))
if user:
login(request, user)
return 'OK'
else:
return 'ERROR'
但是如果我需要在請求體中傳遞后端名稱呢?
它應該是request.backend.do_auth(request.GET.get('access_token')) 。
我已使用正確的代碼更新了文檔
http://psa.matiasaguirre.net/docs/use_cases.html#signup-by-oauth-access-token
https://python-social-auth.readthedocs.io/en /latest/use_cases.html#signup-by-oauth-access-token 。
您現在可以使用此庫https://github.com/ ,使用來自任何python-social-auth后端(Facebook,Google,Github等)的持有令牌/第三方訪問令牌,針對您的django-rest-framework對您的用戶進行身份驗證PhilipGarnero / Django的休息框架,社會的oauth2
如何使用 python-social-auth 和 django-graphql-auth 返回刷新令牌?
[英]How can I return the refresh token using python-social-auth and django-graphql-auth?
當我嘗試獲取 access_token 時,Python-social-auth 管道返回 TypeError
[英]Python-social-auth pipeline returns TypeError when I'm trying to get access_token
我正在使用python-social-auth查找訪問人員在管道中間使用的后端提供程序
[英]Using python-social-auth I'm looking to access what backend provider the person is using in the middle of the pipeline
使用'hd'param(Django / python-social-auth)限制對某個域的Google OAuth訪問權限
[英]Limit Google OAuth access to one domain using 'hd' param (Django / python-social-auth)
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.