Category Archives: Django

Enabling Battle.net OAuth2 in python-social-auth

Having a running setup, using OAuth2 login with Django & python-social-auth==0.1.19, you can simply create a file bnet.py within the social/backends folder:

bnet.py   
from social.backends.oauth import BaseOAuth2
 
 
class BnetOAuth2(BaseOAuth2):
    """Battlenet OAuth2 authentication backend"""
    name = 'bnet-oauth2'
    EMAIL_SUFFIX = "code-corner.de"
    REDIRECT_STATE = False
    AUTHORIZATION_URL = 'https://eu.battle.net/oauth/authorize'
    ACCESS_TOKEN_URL = 'https://eu.battle.net/oauth/token'
    ACCESS_TOKEN_METHOD = 'POST'
    DEFAULT_SCOPE = ['wow.profile',
                     'sc2.profile']
    EXTRA_DATA = [
        ('refresh_token', 'refresh_token', True),
        ('expires_in', 'expires'),
        ('token_type', 'token_type', True)
    ]
 
    def asd_get_user_id(self, details, response):
        if self.setting('USE_UNIQUE_USER_ID', False):
            return response['email']
        else:
            return response['username']
 
    def get_user_details(self, response):
        return {'username': response.get('username', ''),
                'email': response.get('email', ''),
                'fullname': response.get('name', ''),
                'first_name': response.get('given_name', ''),
                'last_name': response.get('family_name', '')}
 
    def user_data(self, access_token, *args, **kwargs):
        id = self.get_json(
            'https://eu.api.battle.net/account/user/id',
            params={'access_token': access_token}
        )["id"]
 
        btag = self.get_json(
            'https://eu.api.battle.net/account/user/battletag',
            params={'access_token': access_token}
        )["battletag"]
 
        first_name, last_name = btag.split("#")
 
        return {"id": id,
                "username": first_name,
                "email": "%d@%s" % (id, self.EMAIL_SUFFIX),
                "family_name": last_name,
                "given_name": first_name,
                "name": btag}

Finally activate the created backend and don’t forget to add the BNet API keys to your django settings. Now go and try the login.

SOCIAL_AUTH_BNET_OAUTH2_KEY = "..."
SOCIAL_AUTH_BNET_OAUTH2_SECRET = "..."
 
AUTHENTICATION_BACKENDS = ('social.backends.bnet.BnetOAuth2')

After login, a new user should be created using the part of the battle tag before the # as username and first_name and the number behind the # as last_name. The email will be filled using the BNet account id and a user-defined suffix.

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)

Python-social-auth requires real hostname when using apache+gunicorn

After a successful authentication using google-oauth2 with the python-social-auth tool, the client gets redirected to a ../complete/ page. However, after forwarding all non-static traffic from the apache to a local gunicorn server, the redirection url points to http://localhost:8000/complete rather than to the real website. This can be easily fixed by enabling the ProxyPreserveHost setting in the apache config:

<VirtualHost *:80>
        ServerAdmin ...
        ServerName ...
 
        Alias /static /.../static
 
        DocumentRoot ...
 
        <Directory ...>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride All
                Order allow,deny
                allow from all
        </Directory>
 
        ProxyPreserveHost on
 
        RewriteEngine on
        RewriteRule ^/static/.* - [L]
 
        # Django is run via gunicorn. So proxy the rest.
        RewriteRule ^(.*) http://localhost:8000$1 [P]
</VirtualHost>

VN:F [1.9.22_1171]
Rating: 5.0/10 (1 vote cast)

Supervisord at 100% load for gunicorn

Starting a gunicorn django server with the supervisord daemon using the deprecated gunicorn_django command works but results in 100% load of the supervisor process.

[program:gunicorn]
command=start_gunicorn.sh
process_name=gunicorn  ; process_name expr (default %(program_name)s)
numprocs=1                    ; number of processes copies to start (def 1)
directory=/home/gunicorn  ; directory to cwd to before exec (def no cwd)
autostart=true                ; start at supervisord start (default: true)
autorestart=true        ; whether/when to restart (default: unexpected)
user=gunicorn                   ; setuid to this UNIX account to run the program
redirect_stderr=true          ; redirect proc stderr to stdout (default false)

After adding gunicorn to the INSTALLED_APPS in the project settings, the gunicorn server can be easily started with the python manage.py run_gunicorn command and everything works fine.
INSTALLED_APPS = (
    ...
    'gunicorn'
    ...
)

VN:F [1.9.22_1171]
Rating: 6.0/10 (1 vote cast)