Suggestion: add quickstart/tutorial answering most basic questions.

[Zenahr]

• PSA = python-social-auth

This is mostly subjective but just to give a bit of context:

I'm a software engineer with moderate experience in fullstack dev. Very familiar with Flask, a bit of experience with Django. My goal: Rewriting a project that uses social authentication in Django.

I came across PSA and started trying to get it to work. It would be awesome to some sort of quickstart guides section for people who would like to add PSA to their projects with little to no friction and get started quickly.

I did get most of my flow working. Here's a list of questions I had trouble finding an answer to and some roadblocks:

• Django's standard project scaffolding comes with sqlite as the database. This doesn't work well with PSA, so I migrated to mysql. Having a step-by-step guide that goes over adding PSA on a fresh Django project would be huge for this.
• Just reading the Django docs on PSA, I couldn't find anything about how and where to add the client_id, client_secret and scope for the social login provider. I was looking all over the place until I finally checked the python-... docs instead of the ones specifically for the django implementation.
• Having a list of some parameters you'd probably want to change to your project's needs would be a huge help. Here's some I would personally add to that list:

SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = '<id>'
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = '<secret>'
SOCIAL_AUTH_GOOGLE_SCOPE = [
    'https://www.googleapis.com/auth/youtube.force-ssl'
]
GOOGLE_OAUTH2_AUTH_EXTRA_ARGUMENTS = {'approval_prompt': 'force'} # force user to accept permissions on auth flow even if given before.

SOCIAL_AUTH_GOOGLE_OAUTH2_LOGIN_REDIRECT_URL = '/login/google-oauth2/' # <----- not sure if this one actually works
LOGIN_REDIRECT_URL = '/'

And it would be crazy awesome if the guide would also walk through testing the auth flow rudimentarily. Meaning: Log in, Revoke access, Log out.

I found this helpful snippet for logging in in a SO article: <a href="{% url "social:begin" "google-oauth2" %}">Sign in with Google</a>

I'm now just missing the equivalent for revoking access to the social provider. I thought <a href="{% url "social:disconnect" "google-oauth2" %}">Revoke access to my YouTube channel</a> would work, it doesn't.

So then I start looking at the pipelines concept in PSA but I don't really know what changes if I comment out some of the pipelines, how to invoke them etc.

---

I would gladly create an attempt for this kind of guide on the example of Google authentication if this is something that would be appreciated.

Bottom line: This isn't meant to be negative, I really appreciate what we can do with PSA, I just think the docs could have some additional guides to help get your feet wet and answer some general questions adopters might have. Another question I will still have to look into is for example "How do I get PSA to work with my custom user model? Can I just have my model extend some PSA model?" etc.

[nijel]

Contributing this would be useful. Probably extending https://python-social-auth.readthedocs.io/en/latest/configuration/django.html would be the way to go...

[Zenahr]

@nijel agreed. I would like to just know from a maintainer if this would be something they'd like to see added. Otherwise I might be writing documentation that won't make it onto the website.

[nijel]

Yes, I'd merge such contributions.