使用django-social-auth注销 [英] Logout with django-social-auth
问题描述
我可以登录。
但是,当我尝试使用 django.contrib.auth.logout
注销时,它不会注销。
注销方式是什么?
谢谢。
p>您是否尝试从Django应用程序注销,还是想忘记Twitter访问?通常,twitter认证令牌被存储以便下次用户想要连接到twitter时进行简化登录,因此用户不必再次接受访问。
Django注销
如果您只想从Django身份验证系统注销,应该使用 django.contrib.auth.views .logout
查看或创建自定义注销视图。
社会认证断开连接
要完全取消链接/断开社交帐户,您需要使用social-auth中的断开连接功能。您可以使用以下模板标签获取断开连接网址:
{%urlsocialauth_disconnectbackend-name%}
有关更多信息,请参阅 http://django-social-auth.readthedocs.org/en/v0.7.22/configuration。 html#links-in-your-templates 。
强制批准提示
已经允许您的应用访问OAuth提供商,认证提供商将记住该决定。通常有两种方法强制确认访问权限:
- 撤销您的认证提供商的管理控制台中的访问权限(例如不允许twitter应用访问)。
- 设置一个额外的OAuth参数,强制批准提示。我不知道Twitter是否提供这样的东西,但如果您使用Google OAuth2,您可以将
{'approval_prompt':'force'}
添加到GOOGLE_OAUTH2_AUTH_EXTRA_ARGUMENTS
设置。
I am dabbling a little with django-social-auth using twitter authentication.
I can login.
But, when I try to log out using django.contrib.auth.logout
, it doesn't log out.
What's the way to logout?
Thanks.
Are you trying to log out just from the Django app or do you want to "forget" the Twitter access? Usually the twitter auth token is stored for simplified login the next time a user wants to connect to twitter, so the user doesn't have to "accept" the access again.
Django logout
If you just want to logout from the Django auth system, it should be enough to use the django.contrib.auth.views.logout
view or to create a custom logout view.
Social auth disconnect
To completely unlink/disconnect a social account, you need to use the disconnect functions in social-auth. You can get the disconnect url using the following template tag:
{% url "socialauth_disconnect" "backend-name" %}
For more information, please refer to http://django-social-auth.readthedocs.org/en/v0.7.22/configuration.html#linking-in-your-templates.
Force approval prompt
Because you've already allowed your app access to the OAuth provider, the auth provider will remember that decision. There are usually two ways to force a confirmation of that access permission:
- Revoke the access permission in the management console of your auth provider (e.g. disapprove twitter app access).
- Set an extra OAuth argument that forces the approval prompt. I'm not sure if Twitter provides such a thing, but if you're using Google OAuth2 you can simply add
{'approval_prompt': 'force'}
to theGOOGLE_OAUTH2_AUTH_EXTRA_ARGUMENTS
setting.
这篇关于使用django-social-auth注销的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!