Geek Answers Handbook

Easy registration + login using OAuth 2.0


I'm a little confused about OpenID OAuth stuff. (by OAuth - I mean OAuth 2.0 here and later)

My goal is to create a site with OpenID (or OAuth) auth, as well as a legacy email + password. The site will be hosted on the django framework. (Python) I understand the difference between OAuth and OpenID and the difference between authorization and authentication.
My main goal is to implement openid login with Google as an identity provider.

The input and register of the stream should be the same as on many sites. As I can see:

:

1) the user enters a public URL (google google button)

2) the user is redirected to the auth provider (google) page says: "Amazing site" ask for you: email, language, country ...

3) the user says yes .. redirected backstage "Amazing Site" repeats the email language and other user information using the access token

4) The user fills in other data required in the profile. and that’s it .. Now registered.

login script:

1) the user enters a public URL (google google button)

1.a) if the user has already logged in through the service provider auth hmm ... I don’t understand .. but somehow the user logs in without displaying the provider page (maybe it closes quickly?)

1.b) if the user has not logged in, then the provider displays the login page and redirects back to the amazing site with success.

, : OAuth Hybrid ( OpenID + OAuth) .

, :

  • , .    , .. someones    "https://www.googleapis.com/auth/userinfo#email"    , .. .., ?
  • OAuth -    -    wuth OAuth    OpenID?
  • OAuth 2.0 ?    1.0,    ?   ( , 1.0 , 3 .     2.0 , ..     ,     )
  • :    google api docs :   
    •   
    • Google---   
    • OpenID--OpenID   
    • gdata-python-client           (, api google- ,             hm.. http://code.google.com/intl/ru/apis/gdata/docs/auth/oauth.html                         )   
    • python-oauth-client (http://code.google.com/p/python-oauth-client/)   
    • , :   http://your-move.appspot.com( : https://github.com/sje397/Chess)   , , google.app.engine lib    google.appengine.api   
     , ?
  • , :    :       http://code.google.com/p/google-api-python-client/source/browse/samples/oauth2/django_sample/buzz/views.py    38-44: ( .. 29)    .. . ( ) ? libs, , , .
  • : auth . (google). , .. , .. . , : facebook? ?
+6
3

, OpenID OAuth 2.0 - .

, , - , OAuth 2.0 - AuthorizationServer.

: 1. , , .

  1. OAuth - . Google , , - Google, - - , - , . OAuth , .

  2. - , . OAuth 2.0 , AuthorizationServer auth- .

  3. python, , , , OAuth 2.0. libs , .

+1

, open-id.

SocialAuth auth packages .

0

Google Facebook ( Twitter) OAuth/OpenID, , SSL . Github, . SimpleLogin (Disclaimer: SimpleLogin), localhost . https://docs.simplelogin.io.

If you want to know more about OAuth / OpenID, I think it's best to implement redirection and callback yourself. Later, it is better to use a library for this, since they more closely follow the protocol. A very good article on this topic for Django is https://scotch.io/tutorials/django-authentication-with-facebook-instagram-and-linkedin .

0
source

More articles:


All Articles