Install this package to your python distribution:
pip install rest-social-auth
Do the settings
Install apps
INSTALLED_APPS = (
...
'rest_framework',
'rest_framework.authtoken', # only if you use token authentication
'social_django', # django social auth
'rest_social_auth', # this package
'knox', # Only if you use django-rest-knox
)
social auth settings, look
documentation
for more details
SOCIAL_AUTH_FACEBOOK_KEY = 'your app client id'
SOCIAL_AUTH_FACEBOOK_SECRET = 'your app client secret'
SOCIAL_AUTH_FACEBOOK_SCOPE = ['email', ] # optional
SOCIAL_AUTH_FACEBOOK_PROFILE_EXTRA_PARAMS = {'locale': 'ru_RU'} # optional
AUTHENTICATION_BACKENDS = (
'social_core.backends.facebook.FacebookOAuth2',
# and maybe some others ...
'django.contrib.auth.backends.ModelBackend',
)
Also look optional settings avaliable.
Make sure everything is up do date
python manage.py migrate
Include rest social urls (choose at least one)
4.1 session
authentication
url(r'^api/login/', include('rest_social_auth.urls_session')),
4.2 token
authentication
url(r'^api/login/', include('rest_social_auth.urls_token')),
4.3 jwt
authentication
url(r'^api/login/', include('rest_social_auth.urls_jwt')),
4.4 knox
authentication
url(r'^api/login/', include('rest_social_auth.urls_knox')),
You are ready to login users
Following examples are for OAuth 2.0.
5.1 session authentication
POST /api/login/social/session/
input:
{
"provider": "facebook",
"code": "AQBPBBTjbdnehj51"
}
output:
{
"username": "Alex",
"email": "user@email.com",
// other user data
}
+ session id in cookies
5.2 token authentication
POST /api/login/social/token/
input:
{
"provider": "facebook",
"code": "AQBPBBTjbdnehj51"
}
output:
{
"token": "68ded41d89f6a28da050f882998b2ea1decebbe0"
}
POST /api/login/social/token_user/
input:
{
"provider": "facebook",
"code": "AQBPBBTjbdnehj51"
}
output:
{
"username": "Alex",
"email": "user@email.com",
// other user data
"token": "68ded41d89f6a28da050f882998b2ea1decebbe0"
}
5.3 jwt authentication
POST /api/login/social/jwt/
POST /api/login/social/jwt_user/
Similar to token authentication, but token is JSON Web Token.
See JWT.io for details.
To use it,
django-rest-framework-jwt
must be installed.
5.4 knox authentication
POST /api/login/social/knox/
POST /api/login/social/knox_user/
Similar to jwt/token authentication, but token is a Django Rest
Knox Token.
To use it,
django-rest-knox
must be installed.
User model is taken from
`settings.AUTH_USER_MODEL <https://docs.djangoproject.com/en/dev/topics/auth/customizing/#substituting-a-custom-user-model>`__.
At input there is also non-required field redirect_uri. If given,
server will use this redirect uri in requests, instead of uri got
from settings. This redirect_uri must be equal in front-end request
and in back-end request. Back-end will not do any redirect in fact.
It is also possible to specify provider in url, not in request body.
Just append it to the url:
POST /api/login/social/session/facebook/
Don’t need to specify it in body now:
{
"code": "AQBPBBTjbdnehj51"
}