search

jrd / django-oauth2-authcodeflow

Authenticate with any OpenId Connect/Oauth2 provider through authorization code flow. PKCE is also supported
https://pypi.org/project/django-oauth2-authcodeflow/
MIT License
14 stars 8 forks source link

Typo and question regarding the INSTALLED_APPS setting #14

Closed Apollo3zehn closed 9 months ago

Apollo3zehn commented 1 year ago

First, a big THANK YOU for making this library available. Its the only one I found which works properly so far.

In your README you have the string django.contrib.session but I think it should actually be django.contrib.sessions (with an s at the end).

And my question: why does it matter where in the INSTALLED_APPS list I put the oauth2_authcodeflow? Isn't the position of e.g. oauth2_authcodeflow.middleware.LoginRequiredMiddleware within the MIDDLEWARE list much more important? From C# and Java I know that it is important to put the OpenID Connect middleware after the session middleware. But anything like this is not mentioned in the README. Or maybe I am wrong with my understand how middlewares are processed in Django (I am new to it)?

Thank you

cpontvieux-systra commented 9 months ago

Hi @Apollo3zehn I’m glad this library is useful to you.

Thanks for the typo in the README, will correct it as soon as possible.

About the position in the INSTALL_APPS you are right it really does not matter as the library is not monkey patching anything. However this library requires to have session and auth django applications installed. So it was a way to say it’s required and it’s also a good habit to have your dependencies listed earlier than later in INSTALL_APPS list.

So it’s not a requirement, it’s more a good writing rule ;-)

Hope I clear your wanderings.

Apollo3zehn commented 9 months ago

Thank you!