Authentication through Facebook's Graph API. See
[http://developers.facebook.com/docs/authentication/](http://developers.facebook.com/docs/authentication/)
[http://developers.facebook.com/docs/authentication/permissions](http://developers.facebook.com/docs/authentication/permissions)
[http://developers.facebook.com/docs/api](http://developers.facebook.com/docs/api)
[http://github.com/facebook/python-sdk/blob/master/examples/oauth/facebookoauth.py](http://github.com/facebook/python-sdk/blob/master/examples/oauth/facebookoauth.py)
Define the facebook tokens in settings.py and replace <app_name> with the name of your app. You will probably want to modify the scope on the authorize link in the template, see the authentication permissions link.
This updates the user model every time the user logs in but I think that it is okay so the data is always correct. I have tested this but not rigorously. If there is a hole and everyone gets admin rights to your site don't say I didn't warn you :).
Comments are appreciated.
16 June 2010 Added missing imports. Cleaned up the template.
Shouts out to @obeattie and @whalesalad
it is an rewrite of [http://www.djangosnippets.org/snippets/74/]
in settings.py
AUTHENTICATION_BACKENDS = (
'yourproject.email-auth.EmailBackend',
)
Author: chris
If you are an admin of a django site and many times it feels to visualize or experience how a normal website user actually sees different pages of your website. So to get this done, we create a normal user (just for testing purposes) and check the same, which is good. But sometimes we need to actually login as the same person to resolve a issue or to trace a particular exception which only one user or a specific set of users are experiencing.
Usage:login_using_email(request, "[email protected]")
I have mentioned only the helper or core method which is responsible for the actual user "logging-in" simulation. Proper view permissions(remember I mentioned only admins should use this) can be wrapped around it. Any thoughts on improving it? Always invited....
Public Clone Url: [git://gist.github.com/242439.git](git://gist.github.com/242439.git)
If you want anonymous visitors to your site, or parts of your site to be authenticated as real users so that you can treat them as such in your views and models, use this snippet. Add the above AuthenticationBackendAnonymous middleware into AUTHENTICATION_BACKENDS in your settings.py and use the snippet anonymous_or_real(request) in your views, which returns a user. Comment out the bit where it creates a profile if you are not using profiles.
This code uses oracle as an authentication back end. It creates a new connection to the db and attempts to login. If successful it will then create an upper case User account with _ORACLE appended to the username.
My urls.py call:
from django.conf.urls.defaults import *
urlpatterns = patterns('',
(r'^accounts/login/$', 'django.contrib.auth.views.login',
{'template_name': 'login.html'}),
)
My setting.py specific settings:
AUTHENTICATION_BACKENDS = (
'oracleauth.views.OracleAuthBackend',
)
LOGIN_URL = '/accounts/login/'
ORACLE_CONNECT = 'database-host:1521/database'
DEBUG=True
This is a very simple way of getting authenticated RSS feeds in django, by slightly changing the django.contrib.syndication.views
1) copy django/contrib/syndication/views.py into mysite/feeds/views.py
2) replace the contents of that file with the snippet
3) any feeds which you require login just add them to the auth_required list. In this case I require login for /feeds/mystuff/ so I make auth_required = ['mystuff']
My directory structure is like this:
mysite/feeds/
views.py
feedmodels.py
feedmodels.py is just where you make your feed models (see http://docs.djangoproject.com/en/dev/ref/contrib/syndication/ where they give an example of "LatestEntries")
[urls.py] - this is what I add in urls.py
from mysite.feeds.feedmodels import Latest,MyPersonalStuff
feeds = {
'latest':Latest,
'mystuff':MyPersonalStuff,
}
(r'^feeds/(?P<url>.*)/$', 'mysite.feeds.views.feed', {'feed_dict': feeds}),
###########################################################################
This backend will allow you to have users login using either their username or the email address as it is in the User model. In addition, it will allow anyone with the staff priveleges to login as another user. The method is to user the user you wish to masquerade as (either email/username) as the username and then a string of the format *username*/*password* as the password, where *username* is the username of the staff member, and *password* is their password.
If you have another application in the same Apache virtual host and also want to use the authentication from Django - this might help. It uses the Django cookie - so it will not work in another Apache virtual host.
TwitterBackend is the twitter authentication backend. This backend makes use of OAuth based "Sign-in with Twitter"
Configure your settings.py as per [Django - Specifying Authentication Backends](http://docs.djangoproject.com/en/dev/topics/auth/#specifying-authentication-backends)
I use this snippet to simplify my auth system with flash uploader SWFUpload. flash_login_required ensures that the user is authenticated and inject the context dictionnary into the specified template. To redirect a user, just set the variable `context['redirect']` with an url.
Remember to include the cookie js in your template to get the sessionid variable POSTed to your view:
`<script type="text/javascript" src="/static/js/swfupload/swfupload.cookies.js"></script>`
This is a somewhat simpler alternative to [http://www.djangosnippets.org/snippets/243/](http://www.djangosnippets.org/snippets/243/) that does not return a 401 response. It's meant to be used along with the login_required decorator as an alternative way to authenticate to REST-enabled views.
Usage:
@http_basic_auth
@login_required
def my_view(request):
...
If an HTTP basic auth header is provided, the request will be authenticated before the login_required check happens. Otherwise, the normal redirect to login page occurs.
Wraps specified URL patterns with login_required decorator. Allows you to quickly require login for an area of your site based only on a URL pattern.
Similar to [zbyte64's snippet](http://www.djangosnippets.org/snippets/966/)