Open OhmGeek opened 7 years ago
Best option is the package 'django-social-auth'. Install the package to the project, then configure settings. From the source: https://www.safaribooksonline.com/blog/2012/11/02/google-apps-auth-for-internal-django-sites/
# Django Social Auth Config
AUTHENTICATION_BACKENDS = (
'social_auth.backends.google.GoogleOAuth2Backend', # putting this 1st means that most users will auth with their Google identity
'django.contrib.auth.backends.ModelBackend', # ...but this one means we can still have local admin accounts as a fallback
)
LOGIN_URL = '/login/google-oauth2/'
LOGIN_ERROR_URL = '/login-error/'
SOCIAL_AUTH_RAISE_EXCEPTIONS = False
SOCIAL_AUTH_PROCESS_EXCEPTIONS = 'social_auth.utils.log_exceptions_to_messages' # ...assuming you like the messages framework
GOOGLE_OAUTH2_CLIENT_ID = 'yourCLIENTidHERE' # this is on the credentials web page from above
GOOGLE_OAUTH2_CLIENT_SECRET = 'YOURsecretHERE' # this is also on the credentials web page from above
GOOGLE_WHITE_LISTED_DOMAINS = ['st-aidans.com'] # this is what actually limits access
SOCIAL_AUTH_COMPLETE_URL_NAME = 'socialauth_complete'
SOCIAL_AUTH_ASSOCIATE_URL_NAME = 'socialauth_associate_complete'
With this, we need to write a unit test for several different possibilities:
This will ensure we can keep our login system running, at least for Google.
For now, we will just use Django login for this, but GAuth might be useful as we go on
Rather than having to create accounts for EACH and every member of college, we can use Google Auth.
Because of the large number of un-grouped accounts, we need to look into adding groups, so that we have one for exec, one for subexec (which already exist within Google Admin), along with sports and separate societies groups. We can then use these to customise their user experience.
TODO: