Geek Answers Handbook

How to authenticate Django from Drupal?

I have a medium-sized Drupal 6 site (about 5 million page views per month and more than 30 thousand registered users), and I need to integrate the OSQA application, Django. I already have many users, roles, and permissions in my Drupal database, and I would like to specify a Django application to use the login and login pages that I already have in Drupal to give my users a single entry point.

I want to keep part of Django authentication because I think OSQA will work better. I also have performance considerations, the Drupal site already gets a lot of traffic and has a very busy database, and I think using a separate database for Django will help.

After some research, I think I could have Drupal register and run the Django login pages in the background to register or log in to the Django app. I plan to do this by writing a couple of views in Django, one for registration and one for login, and Drupal will post a username and password for those views. Of course, I need to disable CSRF in Django for these views, and possibly also publish a secret key that only my Drupal and Django applications know to avoid external sites trying to use these "insecure" Django views.

I know that my Django application may need some user data from Drupal in some cases, and I plan to use the Drupal services module for this.

Would this be a good approach? Any suggestions?

Thank you so much!

+3
performance authentication django drupal
source share
3 answers

Are there any plugins for OSQA to open the authentication service that Drupal can talk to? (OpenID or similar).

Alternatively, see the Drupal ldap_integration module for an example module that uses an external authentication service. Think that you will need to create Drupal user accounts for each login.

Finally, why not just create the main parts of the OSQA functionality with Drupal? It seems that key functionality can be easily replicated using taxonomy, voting, and user dots / user icons ... potentially easier than collaborative authentication, especially on a large site.

0
source share

I once created a very simple module [sql_authentication] [1], which you might just re-create for a newer version of Drupal.

The idea is simple: provide Drupal with an alternate authentication callback. In this callback function, just check the Django database and return TRUE if you think the user is right.

You can see how openid.module (in the kernel) extends user authentication for a simple example.

0
source share

If you can send a message to the Django form, you can use drupal_http_request to handle the call in Django. After some use of the ldap_integration module, I worked on a custom authentication module that calls the Java-based REST authentication API using drupal_http_request. If you are interested in code, let me know.

0
source share

More articles:


All Articles