Facebook Authorising App for Social Sweethearts

Explanation of Features

Used social-auth-app-django to implement facebook login. This module is helpful to extend the login to github, google and other oauth providers.
The access token provided by social-auth-app-django is long lived and is stored in the User social auths table under extras field
When user connects the facebook account, the pipeline function - load_user_and_profile_pic (app/pipeline.py) - to save the name, profile picture and profile url in AppFbUser table.
When user disconnects the app, the pipeline function - disconnect_user (app/pipeline.py) - makes user.is_active=false in the database and the user is logged out.

Create a new virtual environment for the project.

virtualenv -p python3 venv
source venv/bin/activate

Go into the repo and install required python libraries giving in the requirements.txt file.
```
cd sshearts
pip install -r requirements.txt
```
Run Django migrate.
```
python manage.py migrate
```
Fill in the SOCIAL_AUTH_FACEBOOK_KEY and SOCIAL_AUTH_FACEBOOK_SECRET environment variable in your machine. (See Instruction for creating FB App)
```
export SOCIAL_AUTH_FACEBOOK_KEY=<your-fb-app-id>
export SOCIAL_AUTH_FACEBOOK_SECRET=<<your-fb-app-secret-key>
```
Start the application.
```
python manage.py runserver
```

Go to developers.facebook.com/ click on My Apps and then Add a New App.
Fill in the app name.
From Settings > Basic, copy your app id and secret key to SOCIAL_AUTH_FACEBOOK_KEY and SOCIAL_AUTH_FACEBOOK_SECRET
Click on Add a Platform and select Website
For site url put http://localhost:8000 , if running locally else your app web url.
And then in App Domains put localhost if running locally else put your website domain.
Now go to Products > Facebook Login > Settings and put http://localhost:8000/app/deauthorize/ in the Deauthorize Callback URL. Or '/app/deauthorize/' if not running locally.

I didn't know whether the profile picture should be saved in the database and should be picked up from facebook graph api. So I implemented both the scenario. After logging in, you would see 2 profile images - the left one is from graph api and the right one is from saved media picture.
I didn't upload my app id and secret key to the repo since it's not safe to upload them on github. So I stored them on machine's environment variables and used them in the code(import os). Hope you can set up app id and secret in your environment variables too for successfully running the code)
Run with DEBUG=False in production, to redirect AuthCanceled error (when user cancels the facebook app request) to the home page.
I could have used class based view to make it more easily extendable and reusable but the amount of http request to be implemented is too less so I used function based view instead.