Just had a question about integrating external auth with my React/Django application. I'm using a provisioned client instance from my company so it's not Google, Facebook, or all the other social auth backends that exist as django packages. I'd like to be able to SSO authenticate Django user objects via OAuth or SAML in order to use permissions. Some client libraries don't login Django users because they can simply use the external API on the frontend. Others have no native support for a provider outside the scope of popular social networks.
I suppose I could just create an api endpoint as a OAuth callback taking the code from the query string, sending a request to exchange the code for a token, decode the token for the userinfo, use the userinfo to either get or create a user, and then login a user. But this is pretty painstaking process. And I'm not sure about the security implications. Is there anything you would suggest? I'm open to using SAML but again I have no idea where to start with Django.
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/e984e97a-7cfb-474c-a36b-ab2ae0acc662%40googlegroups.com.
No comments:
Post a Comment