Unified Authentication Process Based on Django-OAuth-Toolkit (Single Sign-On)

This article covers single sign-on with Django, where Django itself acts as the authentication server rather than delegating sign-on to a third party.

Of course, the code at the end of the article can also be used for third-party authentication, with Django acting as the party that requests authentication.

In users/models.py:

from django.contrib.auth.models import AbstractUser

class User(AbstractUser):
    pass

In settings.py:

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'users',
]

AUTH_USER_MODEL = 'users.User'

Install django-oauth-toolkit:

pip install django-oauth-toolkit

In settings.py, add oauth2_provider to INSTALLED_APPS:

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'users',
    'oauth2_provider',
]

If you have any problems installing django-oauth-toolkit, you can install an older version of it. In general, there is no problem with version 1.2.

Django 3.2.2, django-oauth-toolkit 1.2.0

Run the migrations:

python manage.py makemigrations
python manage.py migrate

urls.py

from django.contrib import admin
from django.urls import include, path

urlpatterns = [
    path('admin/', admin.site.urls),
    path('auth/', include('oauth2_provider.urls', namespace='oauth2_provider')),
]

In settings.py:

LOGIN_URL='/admin/login/'

Create a superuser:

python manage.py createsuperuser

Username: wiliam
Email address: [email protected]
Password:
Password (again):
Superuser created successfully.

Run Django:

python manage.py runserver

Open the following page to register the applications that need single sign-on:

http://127.0.0.1:8000/auth/applications/register/

Get the client_id and client_secret of the registered application:

export ID=4MWIs4sw6DEo0sC6PbbKqJOU4PyY1zIwMGRDvGEf
export SECRET=hRo89PCekK3lV7u5MuWcW0a28LHMWxosLIYittiBSxOz7YrM08zuYSbNK7hnULy9DIS53rzT9XTFWkD1D93r2MhX24cnt9edSphAXsmarHPJyXZ5nWh6xl0JTkSnJb0W

Use the following URL to request authorization:

http://127.0.0.1:8000/auth/authorize/?response_type=code&client_id=4MWIs4sw6DEo0sC6PbbKqJOU4PyY1zIwMGRDvGEf&redirect_uri=http://127.0.0.1:8000

Upon successful login, you will be redirected to the redirect_uri of the URL above

The next step is to get the access_token

from django.http import HttpResponse
from django.views import View
import requests


class OauthLogin(View):
    def get(self, request):
        # The authorization server redirects here with ?code=<authorization code>
        code = request.GET.get('code')
        print('code:', code)
        url = 'http://127.0.0.1:8000/auth/token/'
        # The credentials are hardcoded for the demo; load them from the
        # environment or a secret store in a real deployment.
        data = {
            'client_id': '4MWIs4sw6DEo0sC6PbbKqJOU4PyY1zIwMGRDvGEf',
            'client_secret': 'hRo89PCekK3lV7u5MuWcW0a28LHMWxosLIYittiBSxOz7YrM08zuYSbNK7hnULy9DIS53rzT9XTFWkD1D93r2MhX24cnt9edSphAXsmarHPJyXZ5nWh6xl0JTkSnJb0W',
            'code': code,
            # Must be the same redirect_uri that was sent in the authorization request
            'redirect_uri': 'http://127.0.0.1:8000/user/auth_login',
            'grant_type': 'authorization_code',
        }
        headers = {
            'Content-Type': 'application/x-www-form-urlencoded',
        }
        # Exchange the authorization code for an access token
        res = requests.post(url, data=data, headers=headers, timeout=10)
        print('res:', res.json())

  • The Authorization header carries the token_type and access_token values from the JSON response of the previous step

        access_token = res.json().get('access_token')
        token_type = res.json().get('token_type')
        token_header = {
            'Authorization': '{} {}'.format(token_type, access_token)
        }
        # Call a protected resource with the token
        res = requests.get('http://127.0.0.1:8000/user/demo/', headers=token_header, timeout=10)
        print('res:', res.text)
        return HttpResponse(res.text)
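
The authorization request shown above carries no state parameter, and the token request has to repeat the redirect_uri of the authorization request exactly. The following added example (not code from the original article) binds the callback to the user's session with a one-time state value and builds the token request body from the same redirect_uri. The function names, the session key and the client id placeholder are assumptions; `session` is any dict-like object such as Django's `request.session`.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode

AUTHORIZE_URL = 'http://127.0.0.1:8000/auth/authorize/'   # from the article
REDIRECT_URI = 'http://127.0.0.1:8000/user/auth_login'    # from the article's token request
CLIENT_ID = 'CLIENT_ID_PLACEHOLDER'                       # placeholder, not a real id
STATE_KEY = 'oauth_state'                                 # hypothetical session key


def build_authorize_url(session):
    """Store a fresh random state in the session and return the authorize URL."""
    state = secrets.token_urlsafe(32)
    session[STATE_KEY] = state
    query = urlencode({
        'response_type': 'code',
        'client_id': CLIENT_ID,
        'redirect_uri': REDIRECT_URI,
        'state': state,
    })
    return AUTHORIZE_URL + '?' + query


def token_request_data(session, callback_query, client_secret):
    """Validate the callback query string; return the form body for /auth/token/."""
    params = {k: v[0] for k, v in parse_qs(callback_query).items()}
    expected = session.pop(STATE_KEY, None)   # single use: a replayed callback fails
    returned = params.get('state', '')
    if not expected or not hmac.compare_digest(expected.encode(), returned.encode()):
        raise ValueError('state mismatch: callback does not belong to this session')
    if 'error' in params:
        raise ValueError('authorization failed: ' + params['error'])
    if not params.get('code'):
        raise ValueError('callback carries no authorization code')
    return {
        'grant_type': 'authorization_code',
        'code': params['code'],
        'redirect_uri': REDIRECT_URI,   # identical to the value sent to /authorize/
        'client_id': CLIENT_ID,
        'client_secret': client_secret,
    }
```

In the view, `request.META['QUERY_STRING']` can be passed as `callback_query`, and the returned dict is the `data` argument of the `requests.post` call to the token endpoint.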