使用django allauth连接facebook phonegap登录 [英] Connect facebook phonegap login with django allauth
问题描述
我正在建立一个应用程式,允许使用者使用 Facebook 注册/登入,然后他就可以登入(总是透过 Facebook )。到主要网站
I'm building up an app that should allow the user to sign up / sign in with Facebook and then he should be able to login (always via Facebook) to the "main" website
说实话,这比这更复杂。这是因为我使用 django-tastypie 和 django-allauth ,以便注册,登录和浏览我们的 API
To be honest it's a bit more complicated than this. That's because I'm using django-tastypie and django-allauth in the main website to allow sign up, login, and browsing of our API
基本上,我想让移动应用程序用户浏览tastypie API(只有在记录时才可访问,如果您是主网站中的用户),并授予他添加行(如订单)的权限
Basically I want to make the mobile app user browse the tastypie API (accessible only if logged and if you're an user in the main website) and grant him the rights to add rows (like orders)
这是我有的
- 一个phonegap应用程序,
- 一个使用django-allauth和django-tastypie的网站,使我使用allauth的Facebook登录注册为新用户
- 如果移动用户通过Facebook进行注册,则在主网站上没有跟踪(这是问题)
- A phonegap app with a working Facebook login (I'm working on that right now)
- A website with django-allauth and django-tastypie that makes me register as a new user using the allauth's Facebook login
- No trace on the main website if the mobile user is doing a sign up via Facebook (this is the problem)
我基本上很困惑我应该如何使用访问令牌和如何传递进一步的参数(我不需要只有Facebook信息完成注册,但一些自定义字段太)
I'm basically confused how I should work with access tokens and how to pass further parameters (I don't need only the Facebook infos to complete the registration, but some custom fields too)
任何人都有这方面的经验,或者想揭露他的工作流程?
Anyone got experiences on this or would like to expose his workflow?
推荐答案
做事情是离开所有注册相关的功能到网站。在你的phonegap应用程序,你可以简单地将用户指向/ accounts / login /使用应用程序内浏览器(IAB)。 IAB具有应该监视的事件,如 loadstart 和 exit 。监视用户是否成功登录的一种简单方法是在登录结束时将他重定向到特定的URL,例如/ accounts / login / complete /。如果您将一个令牌附加到该返回URL(如/ accounts / login / complete /?token = 123),您将能够在您的应用程序中解析该令牌。您可以简单地使用会话ID作为令牌。
One common way of doing things is to leave all registration related functionality up to the website. In your phonegap app you can simply point the user to /accounts/login/ using the In-App-Browser (IAB). The IAB has events like loadstart and exit that you should monitor. A simple way of monitoring whether or not the user is successfully logged in is to have him redirected to a specific url, say /accounts/login/complete/, at the end of the login. If you attach a token to that return url (as in /accounts/login/complete/?token=123) you will be able to parse that token in your app. You could simply use the session ID as a token.
一种更安全的方法是使用django-oauth2-provider应用程式,并且实际执行适当的oauth握手。处理几乎是一样的。使用IAB open / oauth / authenticate /,您将被要求使用allauth登录,然后会出现一个oauth2确认对话框,然后将oauth授权代码传递给成功URL。你可以从phonegap和使用AJAX调用从phonegap应用程序中选择该代码,您可以获取oauth访问令牌。 btw,django-rest-framework具有对django-oauth2-provider的内置支持(不知道tastypie)。
A more secure way is to use the django-oauth2-provider app and actually implement a proper oauth handshake. Handling that is almost the same. Using IAB open /oauth/authenticate/, you will be asked to login using allauth, then an oauth2 confirmation dialog appears, after which the oauth grant code is passed to a success URL. You can pick that code up from phonegap and using AJAX calls from within the phonegap app you can fetch the oauth access token. Btw, django-rest-framework has builtin support for django-oauth2-provider (don't know about tastypie).
一个完全不同的方法是实现Facebook登录在您的移动应用程序,完全独立于网站。登录后,您将被移交Facebook访问令牌。现在,您可以将此令牌发送到网站。给定令牌,网站可以抓取用户( https://graph.facebook.com/me?access_token= .. ),检查该用户是否已知,如果是,则为该用户返回一个适当的令牌/会话,否则创建用户帐户并返回一个令牌。
A completely different approach is to implement a Facebook login in your mobile app, completely independent from the web site. Once logged in you'll be handed over a Facebook access token. Now, you can send this token over to the web site. Given the token, the website can fetch the user (https://graph.facebook.com/me?access_token=...), check whether or not that user is already known, if so return an appropriate token/session for that user, if not, create the user account and also return a token.
这篇关于使用django allauth连接facebook phonegap登录的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
