- Used social-auth-app-django to implement facebook login. This module is helpful to extend the login to github, google and other oauth providers.
- The access token provided by social-auth-app-django is long lived and is stored in the
User social auths
table underextras
field - When user connects the facebook account, the pipeline function -
load_user_and_profile_pic
(app/pipeline.py) - to save the name, profile picture and profile url in AppFbUser table. - When user disconnects the app, the pipeline function -
disconnect_user
(app/pipeline.py) - makes user.is_active=false in the database and the user is logged out.
-
Clone or download the repository.
-
Create a new virtual environment for the project.
virtualenv -p python3 venv source venv/bin/activate
-
Go into the repo and install required python libraries giving in the requirements.txt file.
cd sshearts pip install -r requirements.txt
-
Run Django migrate.
python manage.py migrate
-
Fill in the
SOCIAL_AUTH_FACEBOOK_KEY
andSOCIAL_AUTH_FACEBOOK_SECRET
environment variable in your machine. (See Instruction for creating FB App)export SOCIAL_AUTH_FACEBOOK_KEY=<your-fb-app-id> export SOCIAL_AUTH_FACEBOOK_SECRET=<<your-fb-app-secret-key>
-
Start the application.
python manage.py runserver
- Go to
developers.facebook.com/
click on My Apps and then Add a New App. - Fill in the app name.
- From Settings > Basic, copy your app id and secret key to
SOCIAL_AUTH_FACEBOOK_KEY
andSOCIAL_AUTH_FACEBOOK_SECRET
- Click on
Add a Platform
and selectWebsite
- For site url put http://localhost:8000 , if running locally else your app web url.
- And then in
App Domains
put localhost if running locally else put your website domain. - Now go to Products > Facebook Login > Settings and put
http://localhost:8000/app/deauthorize/
in theDeauthorize Callback URL
. Or '/app/deauthorize/' if not running locally.
-
I didn't know whether the profile picture should be saved in the database and should be picked up from facebook graph api. So I implemented both the scenario. After logging in, you would see 2 profile images - the left one is from graph api and the right one is from saved media picture.
-
I didn't upload my app id and secret key to the repo since it's not safe to upload them on github. So I stored them on machine's environment variables and used them in the code(import os). Hope you can set up app id and secret in your environment variables too for successfully running the code)
-
Run with DEBUG=False in production, to redirect AuthCanceled error (when user cancels the facebook app request) to the home page.
-
I could have used class based view to make it more easily extendable and reusable but the amount of http request to be implemented is too less so I used function based view instead.