OpenIDTurn your Django application in to an OpenID consumer
I’ve just put the finishing touches on the first releasable version of django_openidconsumer, a package that makes it easy to add OpenID consumer support to any Django application.
Full documentation can be found in the repository. The package consists of Django models that implement the persistent part of an OpenID consumer, some simple views that hook in to the python-openid library from OpenID Enabled and a piece of middleware that makes the user’s OpenID(s) directly available within a Django view.
To cut a long story short, it allows you write view functions that look like this:
def example_view(request):
if request.openid:
return HttpResponse("OpenID is %s" % escape(
str(request.openid)
))
else:
return HttpResponse("No OpenID")
The package also supports simple registration, which lets you request additional details such as an e-mail address or nickname from the user’s OpenID provider.
I plan to keep the package under active development, with the aim of using it to demonstrate best practises in implementing OpenID (hence the support for multiple OpenIDs and simple registration out of the box). Next on the list is integration with Django’s built in authentication system, including the ability to associate one or more OpenIDs with an existing user account.
Please post any feedback as a comment on this entry, and direct bug reports to Google Code.
Fan-freeking-tastic!
This is great news. I'm working on a project that needs to integrate OpenID with django's authentication and I hope I can contribute to project.
Just a little thing: maybe you could use the wiki in Google code to publish the documentation.
cavorite - 24th April 2007 02:51 - #
Ha, I guess you saw my email. I very much appreciate you sharing; I saw this, but didn't realize there was anything there at first. This is exactly the sort of thing I was looking for.
Thanks! :)
Oh HELL yes! Thanks, Simon!
This is fantastic - thank you Simon! I only wish you'd had this out there a month or so back, I really could have used it. Ended up doing my own thing, but I'm about to pull this down and see where I can improve (or replace) my own code with this...
Kick ass! I've been waiting patiently for this :) Thanks man.
... & I've closed my feature request for this in Django (http://code.djangoproject.com/ticket/3213) in favor of this. Nice work!
Ubur-cool! I love it! Keep up the good work!
Wicked awesome! I shall nick this and try integrating it with comments on my blog forthwith!
Just at the Right Time™, thanks a lot :-).
Absolutely great :D Thanks for saving me from having to write something similar (but probably broken) on my own for my site :-)
I saw this on Google Code a week or so ago, and wondered when it would be done - looks fantastic, Simon - will be giving it a go later!
OK - stupid question here, but is it possible to use OpenID for authentication _without_ opening your application to every openID consumer?
mrben - 24th April 2007 10:05 - #
Just what I've been waiting for :D
Good work.
This is great!
I'm really looking forward for the integration with Django's built in auth. I think this is something that should go into Django contrib.
mrben - I'm not entirely sure what you mean, but generally when someone signs in with an OpenID for the first time you will put them through the same kind of signup mechanism that you would if they came and registered a username and password - you can ask them for their name, send them a validation e-mail, get them to pass a captcha and so on. The OpenID is a replacement for their username/password combination, nothing more.
Awesome stuff!
Cheer Simon - that was exactly what I wanted to know.... Most of the instances of OpenID I've used haven't seemed to work like this (at least from an end-user point of view) as they're mostly blogs and the like.
Essentially what I wanted to be able to do was to promote OpenID as a single sign-on implementation on a web application which I didn't want open to "the public" - think 'intranet', I guess.
mrben - 24th April 2007 17:43 - #
Let me add to the "thanks for keeping me from hacking up my own broken version" chorus! I'd much rather use yours, and help tweak it a bit if needed. Thanks much, Simon!
That is hella neat
@simon: I have integration with the auth system ready already (from my own consumer implementation). I even wanted to hand this code over to the project. But at that time there seemed to be little interest. Maybe someone with more carma than me is able to take that code to a higher level :-).
BTW: It's pretty straight forward. Nothing special.
Boris - sounds cool. Does it let you associate more than one OpenID with a single account? That's the principle feature I've been working out for my stab at the problem.
Very nice, Simon, and as someone else mentioned, Just In Time.
Might make sense to setup some sort of discussion forum for future features, no?
Simon - yes. That's borrowed from the profile idea in django, though in fact the OpenIDs carrying table isn't 1-1, of course:
class OpenID(models.Model):
user = models.ForeignKey(User)
openid_url = models.CharField(maxlength=512, unique=True)
The main "issue" with my implementation maybe is the fact that i somewhat misused the concept of "a token" in the auth backend callback hook to establish a communication channel between the login view and the auth backend using a dict. Still works quite well.
David: I've created a mailing list for the project, and for any other discussions around OpenID and Django.
Boris: Is your code available anywhere?
Simon, I will try to weave mine with yours by tomorrow evening and send it to you. I'll just complement settings, models, add forms and backends, and add to the examples. It's not too much. Cheers
test
I wonder how much support OpenID is really getting? I'm just not crazy about tying our apps to 3rd party system.
George Morris - 10th May 2007 04:49 - #
Testing openid. ;-)
Great job, no doubt the number of Openid enabled Django sites will skyrocket thanks to you.
Thanks for the contribution, Simon, I'm sure this'll mean a lot of Django sites will start accepting OpenID logins.
I guess this will be my first openid post :)
I wonder how this could easily be implemented on sites that are already using django's auth and registration. I am probably looking at it wrong, but it appears to me that as it stands right now, you basically use one or the other on sites (short of having both a ForeignKey(User) and 'openid' field on an object, that is).
I'll have a play around on the weekend and see if I can get a better understanding of the entire thing - but I'm positive that OpenID is a good way forward (from what I can tell so far, anyway!)
Is there any way you could update this to work with the new 2.0 version of python-openid? I'm getting some errors with the current version and I was hoping this would fix them...