I'm trying to implement facebook login with django-rest-auth (a rest wrapper for Allauth).
I have followed their tutorial (showing how to log in, http://django-rest-auth.readthedocs.org/en/latest/installation.html), but I am bit puzzled concerning the registration part.
The login view expects only a token but there is no Social Register view. Does this mean that django-rest-auth does not handle the registration of new users? Or that it is handled in a separate view?
Thank you very much
The Django rest auth has the RegisterView, it will handles the user registration part and return the Auth Token. The LoginView will takes the user credentials and validate the user and authentication.
Related
I have API server written with Adonis JS (it handles REST calls, auth, contain DB). When user login/register successful server return opaque access token.
I need to create Flutter App and it should use existing server. Also i need to add social authentication (google, twitter, facebook). I'm thinking of creating user on my server when social API return user credentials.
But i'm totally confused with the way it should work. How to initiate process of social login (from app or from server?). Who should handle redirects/callbacks from auth app. How to handle case when created user login again with social app.
I will appreciate if someone can describe that process (general overview).
Thank you!
I have a Cognito User Pool and need to prompt users select their country from a dropdown list during registration. As far as I can tell, Cognito doesn't provide the ability to customize the registration page with a dropdown. Is there a way to redirect the "Sign Up" link in the Cognito sign-in page to point to a specific URL so I can provide my own registration page (and use the Cognito APIs to create the user)?
Or, if someone knows of a different way to solve this problem, I'm all ears.
My OIDC clients are websites (i.e., not a mobile apps) and I'm using the authorization code flow.
You can create your own registration page and use AWS cognito SDK or amplify to make calls to cognito. For example, if you are using javascript you can use the following code for your signup calls: https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/CognitoIdentityServiceProvider.html#signUp-property
I am very new to IdentityServer and Open ID Connect and most of what I know comes through the three walk throughs in the Overview section of the IdentityServer3 documentation. All of those samples demonstrate how to use the Authorize attribute to secure a controller action, which results in a redirect to the IdentityServer-hosted login page. What is the typical or recommended way to provide a Login link in the client application? Could my client application have it's own login page and then call IdentityServer to validate the login and provide a token? If so, is there a sample that shows this? If not, is there a way to have the login link in my application bring up the IdentityServer login page? Is it as simple as securing the Login action with an Authorize attribute?
I don't think it is right that client has its own login page. Imagine you use Facebook as identity provider, and would you expect facebook users to enter their Facebook crediential on your login page?
One method is what you described using server side challenge redirect, or configure your app as a Javascript implicit client - see example , which it builds up authroize challenge URL. Either way user sees login page from identity server.
I have a Workflow application(website) using canjs. The various steps(pages) are preloaded. A user is allowed to explore the app without login. However if the user wishes to save the workflow, they must login. Alternatively the user can login at any of the steps in the workflow.
The application has a provision for users to login using Facebook and Twitter.
The backend consists of Laravel and Socialitelinkpackage take care of the login process.
As Facebook and Twitter use OAUTH the login work flow is as follows :
Client calls a login init route.
The route redirects to a login page of the social login provider(FB or twitter)
User Authenticates/Authorises your app
The user is redirected to a success route (say /success_callback) on your app. At this point we can use Socialite package to get the user information.
The issue I'm facing is that I don't want to reload the APP on the client browser. So how to inform the client from /success_callback if the user has logged in or not, etc.
I want to allow users connect to my website using their facebook account.
First, the user authorizes my application and then I get an access token. Problem is, that I'm supposed on the first time to register the user, and the next time to auto login him based on his facebook email.
How do I create a SECURE way to auto login the user?
I'm using pure javascript, but I can't find any way to create a secure mechanism.
Thanks.
Facebook should handle all that for you - when they come back to your website, they can click the 'login' button(javascript SDK) and facebook should pass you back an access token.
I may, however, have misunderstood the question.