search

pennersr / django-allauth

Integrated set of Django applications addressing authentication, registration, account management as well as 3rd party (social) account authentication.
https://allauth.org
MIT License
9.54k stars 3.03k forks source link

Untappd too many requests (but that's not the case) #2481

Closed adriaanh closed 2 years ago

adriaanh commented 4 years ago

First, thanks for this amazing app. Really helps with implementing social logins into my app.

I use Untappd for social login, however it seems that it is not working, no matter what I try, I get the 'Social login failure' screen. I did some debugging and with the {{ auth_error.code }} and {{ auth_error.exception }} template tags I was able to see the problem: Code: unknown, Error: Error retrieving access token: b'Too Many Requests'.

I tried with two different apps from Untappd (I have two APIs), and both provide the same result. When I try the same credentials from the same machine in another app I developed myself in PHP, I don't get an error and the communication with Untappd is just fine. So it seems that there is no problem on the side of Untappd, and the callback URL is also okay (when I change the callback URL at Untappd with some random URL, I get the notification that the callback URL is not correct).

As I think my settings are all correct, it seems that something with the request to Untappd is not correct, but I can't figure out what is wrong (looked at your code as well). What steps could I take to provide more insights in the specifics?

For reference my settings below:

Relevant parts of the settings.py:

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'django.contrib.sites',

    # Allauth apps
    'allauth',
    'allauth.account',
    'allauth.socialaccount',
    'allauth.socialaccount.providers.untappd',

    # own apps
    'core',
]

AUTHENTICATION_BACKENDS = (
    'django.contrib.auth.backends.ModelBackend',
    'allauth.account.auth_backends.AuthenticationBackend',
)

SITE_ID = 3

URLs:

urlpatterns = [
    path('', include('core.urls', namespace='core')),
    path('accounts/', include('allauth.urls')),
    path('admin/', admin.site.urls),
]

Site settings in DB (below is site 3):

Domain name: http://localhost
Display name: http://localhost

Setup of Social Application in DB:

Name: Untappd
Cliend id: <client id from untappd>
Secret key: <client secret from untappd>
Key: empty
Sites: http://localhost

Callback URL at Untappd:

http://localhost/accounts/untappd/login/callback/

Running the local server with the following command: python manage.py runserver localhost:80

Edit: Added runserver commands

adriaanh commented 4 years ago

Ok, after a lot of debugging I found the solution (thanks to another user who had a problem like this one with Reddit (https://stackoverflow.com/questions/55833707/why-does-django-allauth-method-seem-to-fail-to-make-reddit-api-call-correctly).

It seems that Untappd needs an specific User-Agent in the header. This is also documented in the API docs (https://untappd.com/api/docs).

I added custom headers to the request as per in the Stackoverflow link, after which everything was working. I suggest a configuration entry in settings.py to be able to set custom headers when needed, and add these custom headers to the request. Would this be feasible?

        # The User-Agent header has to be overridden in order for things to work, which wasn't happening before...
        headers = {
            'User-Agent': 'CUSTOM'
        }

        resp = requests.request(self.access_token_method,
                                url,
                                params=params,
                                data=data,
                                headers=headers)