Django allauth社交登录:使用注册的电子邮件自动链接社交网站个人资料 [英] Django allauth social login: automatically linking social site profiles using the registered email
问题描述
我的目标是为Django网站的用户创建最简单的登录体验。我想象如下:
I aim to create the easiest login experience possible for the users of my Django site. I imagine something like:
- 登录屏幕显示给用户
- 用户选择使用Facebook登录或Google
- 用户在外部网站输入密码
- 用户可以通过身份验证的用户与我的网站进行交互
- Login screen is presented to user
- User selects to login with Facebook or Google
- User enter password in external site
- User can interact with my site as an authenticated user
好的,这部分很简单,只需安装 django-allauth 并进行配置。
但是,我也想给本地用户使用该网站的选项。这将有另一个步骤:
But I also want to give the option to use the site with a local user. It would have another step:
- 登录屏幕显示给用户
- 用户选择注册
- 用户输入凭据
- 网站发送验证电子邮件
- 用户点击电子邮件链接,并可以与我站点作为认证用户
- Login screen is presented to user
- User selects to register
- User enter credentials
- Site sends a verification email
- User clicks in email link and can interact with my site as an authenticated user
好的,默认身份验证和allauth都可以。但现在是百万美元的问题。
Ok, both the default authentication and allauth can do it. But now is the million dollars question.
如果他们更改登录方式,我如何自动关联他们的Google, FB和本地帐户?
If they change how they do the login, how do I automatically associate their Google, FB and local accounts?
看到他们登录的任何方式,我有他们的电子邮件地址。有可能使用django-allauth吗?我知道我可以使用用户干预。今天的默认行为是拒绝登录,表示电子邮件已经注册。
See that any way they login, I have their email address. Is it possible to do it using django-allauth? I know I can do it with user intervention. Today the default behavior is to refuse the login saying that the email is already registered.
如果不可能只做配置,我会接受答案这给我一些方向,我应该在allauth代码中进行哪些修改来支持这个工作流。
If it isn't possible to do just with configuration, I'll accept the answer that gives me some orientation about which modifications should I make in allauth code to support this workflow.
有很多理由这样做。用户将忘记用于验证哪种方法,有时候会使用Google,有时候会使用FB,有时也会使用本地用户帐户。我们已经有很多本地用户帐户和社交帐户将是一个新功能。我希望用户保持身份。我设想可能要求用户的朋友列表,所以如果他们使用Google登录,我也想拥有他们的FB帐户。
There are a lot of reasons to do this. The users will forget which method they used to authenticate, and will sometimes use Google, sometimes FB and sometimes the local user account. We already have a lot of local user accounts and social accounts will be a new feature. I want the users to maintain their identity. I envision the possibility to ask for the user friends list, so if they logged using Google, I'd like to also have their FB account.
这是一个爱好网站,没有很大的安全要求,所以请不要回答这不是一个明智的安全实现。
It is a hobby site, there isn't great security requirements, so please don't answer that this isn't a wise security implementation.
之后,我将创建一个自定义用户模型只将该电子邮件作为登录ID。但是,我会很高兴能够自动关联具有所需用户名的默认用户模型的帐户的答案。
Later, I'd create a custom user model to have just the email as the login id. But I'll be happy with an answer that just let me automatically associate a accounts of the default user model that has a required username.
我正在使用Django == 1.5.4和django-allauth == 0.13.0
I'm using Django==1.5.4 and django-allauth==0.13.0
推荐答案
您将需要覆盖该社交登录适配器,具体来说, pre_social_login 方法,这是在与社交提供者身份验证之后调用的,但在此登录之前由allauth处理
You will need to override the sociallogin adapter, specifically, the pre_social_login method, which is called after authentication with the social provider, but before this login is processed by allauth.
在 my_adapter.py 中,执行此操作
from django.contrib.auth.models import User
from allauth.account.models import EmailAccount
from allauth.exceptions import ImmediateHttpResponse
from allauth.socialaccount.adapter import DefaultSocialAccountAdapter
class MyAdapter(DefaultSocialAccountAdapter):
def pre_social_login(self, request, sociallogin):
# This isn't tested, but should work
try:
user = User.objects.get(email=sociallogin.email)
sociallogin.connect(request, user)
# Create a response object
raise ImmediateHttpResponse(response)
except User.DoesNotExist:
pass
在您的设置中,将社交适配器更改为适配器
And in your settings, change the social adapter to your adapter
SOCIALACCOUNT_ADAPTER = 'myapp.my_adapter.MyAdapter`
您应该可以通过这种方式将多个社交帐户连接到一个用户。
And you should be able to connect multiple social accounts to one user this way.
这篇关于Django allauth社交登录:使用注册的电子邮件自动链接社交网站个人资料的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
