Tuesday, April 26, 2016

Re: Using django login functionality in a non django app

Well, the issue with simply implementing auth, is that we'd need to
not only implement login, which is easy, but also forgot password, and
all the user admin functions. Since we have that already with django I
want to leverage that and not reinvent the wheel.

On Tue, Apr 26, 2016 at 2:29 AM, Gergely Polonkai <gergely@polonkai.eu> wrote:
> Now I somewhat understand what falcon is, I suggest that you simply
> implement auth on you web app (it seems to me there is none or little right
> now. Of course, you don't have to protect all iour views, or you may want to
> display a different dataset, but that's another topic.
>
> When that is done, you have to do two things in your Qt app. First, make
> sure that when the server says that you are not authorized, pop up a login
> window. After a successful login, store the user's credentials for later
> use. What type of authentication to use and what to store is up to your
> decision: HTTP Basic (store user/password), HTTP session (store the session
> cookie) or token (store the token) based auths are the most common examples.
>
> Best,
> Gergely
>
> On Apr 26, 2016 00:09, "Larry Martell" <larry.martell@gmail.com> wrote:
>>
>> The Qt app talks to the server with web requests routed to python code
>> by falcon. It currently has no authentication/authorization of any
>> kind. It's not a web app, you can't just navigate to any page, you can
>> only get to parts of the app the code lets you get to.
>>
>> The way I envision it (if possible) is that I would have a decorator
>> just like @login_required, and if that is called and the user is not
>> logged in, it would invoke the django login page - just like it works
>> in django. I think I can do most of this, the part I am unclear on is
>> how I get control from the django login page back to the Qt app.
>>
>> On Mon, Apr 25, 2016 at 5:26 PM, Gergely Polonkai <gergely@polonkai.eu>
>> wrote:
>> > Hello,
>> >
>> > this all depends on how this Qt app communicates with the other end
>> > (server
>> > side). Does it offer *any* kind of authentication/authorization? If so,
>> > look
>> > for ways to integrate it with Django. If not, you are screwed anyway
>> > (from
>> > security point of view), because even if your app pops up a login
>> > screen,
>> > there can (and will) be ways to get around it.
>> >
>> > Best,
>> > Gergely
>> >
>> > On Apr 25, 2016 22:37, "Larry Martell" <larry.martell@gmail.com> wrote:
>> >>
>> >> We have an existing django app with login, change password, and forgot
>> >> password functionality.
>> >>
>> >> Then we have this other app built with the falcon framework. The
>> >> client side of that is C++/Qt. That app has no login functionality -
>> >> you bring it up and you're in. We would like to somehow use the login
>> >> functionality of the django app in the falcon app. Is that even
>> >> possible? I was thinking that in the Qt app I could bring up the
>> >> django login page by invoking the URL for that app. But once they log
>> >> in, how could I get control back to the Qt app and not have it proceed
>> >> to the django app?
>> >>
>> >> Does this even make any sense? Has anyone ever done anything like this?

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CACwCsY6_P7B7PZK6PRCt%3D2m0JyQ%2BejcMLp-1Q%2B7C2N-5rfyxZg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

No comments:

Post a Comment