我有一个移动应用程序,允许用户通过Facebook注册。从FB收到访问令牌后,我将其发送到Django后端。
但那又怎么样?
django-allauth中是否有一个方法可以提供访问令牌以使其创建新的用户/社交帐户?
或者我是否需要手动完成所有操作?
答案 0 :(得分:6)
在发布问题后,我似乎总是想出答案。在任何情况下,以下是UserResource上的自定义方法(使用ApiKeyAuthentication的tastypie api)。其中大部分来自allauth.socialaccount.providers.facebook.views中的login_by_token方法。
如果有人发布更好的答案,我暂时不会选择正确的答案。
def facebook_login(self, request, **kwargs):
self.method_check(request, allowed=['post'])
data = self.deserialize(request, request.raw_post_data, format=request.META.get('CONTENT_TYPE', 'application/json'))
access_token = data.get('access_token', '')
from allauth.socialaccount import providers
from allauth.socialaccount.models import SocialLogin, SocialToken, SocialApp
from allauth.socialaccount.providers.facebook.views import fb_complete_login
from allauth.socialaccount.helpers import complete_social_login
try:
app = SocialApp.objects.get(provider="facebook")
token = SocialToken(app=app,
token=access_token)
login = fb_complete_login(app, token)
login.token = token
login.state = SocialLogin.state_from_request(request)
ret = complete_social_login(request, login)
#if we get here we've succeeded
return self.create_response(request, {
'success': True,
'username': request.user.username,
'user_id': request.user.pk,
'api_key': request.user.api_key.key,
} )
except:
# FIXME: Catch only what is needed
return self.create_response(request, {
'success': False,
'reason': "Bad Access Token",
}, HttpForbidden )
答案 1 :(得分:1)
工作源代码: 在类UserResource(ModelResource)中:
def override_urls(self):
return [
url(r"^(?P<resource_name>%s)/facebook_login%s$" %
(self._meta.resource_name, trailing_slash()),
self.wrap_view('facebook_login'), name="api_facebook_login"),
]
def facebook_login(self, request, **kwargs):
self.method_check(request, allowed=['post'])
data = self.deserialize(
request,
request.raw_post_data,
format=request.META.get('CONTENT_TYPE', 'applicaton/json'))
access_token = data.get('access_token', '')
print(access_token)
from allauth.socialaccount import providers
from allauth.socialaccount.models import SocialLogin, SocialToken, SocialApp
from allauth.socialaccount.providers.facebook.views import fb_complete_login
from allauth.socialaccount.helpers import complete_social_login
try:
app = SocialApp.objects.get(provider="facebook")
print(app)
token = SocialToken(app=app,
token=access_token)
login = fb_complete_login(app, token)
login.token = token
login.state = SocialLogin.state_from_request(request)
ret = complete_social_login(request, login)
#if we get here we've succeeded
return self.create_response(request, {
'success': True,
'username': request.user.username,
'user_id': request.user.pk,
'api_key': request.user.api_key.key,
} )
except:
# FIXME: Catch only what is needed
return self.create_response(request, {
'success': False,
'reason': "Bad Access Token",
}, HttpForbidden )
然后:
curl --dump-header - -H“Content-Type:application / json”-X POST --data'{“access_token”:“xxxxxxxx”}'http://xx.xxxxxx.com:8000/api/v1/user/facebook_login/
测试OK,创建用户OK。
谢谢。
答案 2 :(得分:1)
现代读者(2017)可能想看看django-rest-auth,它建立在allauth的基础上,但是考虑到单页应用而构建:
http://django-rest-auth.readthedocs.io/en/latest/introduction.html