Python package (WSGI middleware) providing authentication using Google, Yahoo, Facebook, Twitter and OpenID providers

Social Auth Python


This Python package (WSGI middleware) provides authentication for your users using:

  • OpenID (Google, Yahoo, Flickr, or any other openid provider...);
  • OAuth2 (Facebook, using the OAuth2 graph API);
  • OAuth (Twitter).


Place the middleware in your stack (here after session middleware, and before routes):

from socialauth.middleware import SocialAuthMiddleware


# Routing/Session/Cache Middleware
app = RoutesMiddleware(app, config[''])

# CUSTOM MIDDLEWARE HERE (filtered by error handling middlewares)
app = SocialAuthMiddleware(app, config, User, prefix="socialauth.")

# Set the session obj before the custom middlewares:
app = SessionMiddleware(app, config)

The SocialAuthMiddleware expects to have the "beaker.session" value set in the WSGI environment dict, and will set 'user_id' and 'user_human_id' keys in the session object.

SocialAuthMiddleware arguments:

  • app

  • config: a config object (dict). This object must contain the following keys/vals:

    • directory where the OpenID grants are stored.
    • twitter.key, twitter.secret: the key/secret for the Twitter API.
    • fb.app_id, fb.api_key, fb.application_secret: FB OAuth2 params.
  • User: a class representing a User, defining the following class methods:

    • getByFacebookUID(fb_userid)
    • getByOpenIdIdentifier(openid_identifier)
    • getByTwitterId(twitter_user_id): each of these three returns the user obj corresponding to the FB/OpenID/Twitter ID.
    • create(**properties): creates a User obj, setting the given properties.

    the following instance method:

    • save(): saves the user obj to persistent storage.

    and the following potential properties (might not be set):

    • twitter_id

    • openid_identifier

    • fb_id

    • fb_oauth2_token

    • email = StringProperty()

    • firstname

    • lastname

    • fullname

    • nickname

    • _id: a unique identifier

    • human_id: a property method returning a string describing to the user the account he/she is logged-in with.

  • prefix: optional, defaults to "". A string used to prefix keys when looking them up in the config dict. Ex: "socialauth."
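
A minimal in-memory User class that satisfies the interface listed above, as an added example (not code from this project). The dict-backed storage, the property allowlist applied in create() and the _lookup helper are assumptions made for illustration; the class keeps each provider's identifiers in its own namespace and keeps fb_oauth2_token out of human_id.

```python
import itertools

class User:
    """In-memory stand-in for the User class the middleware expects."""
    _ids = itertools.count(1)
    _by_id = {}  # _id -> User; stands in for persistent storage (assumption)
    # Only the properties listed in the README may be set through create().
    _FIELDS = ("twitter_id", "openid_identifier", "fb_id", "fb_oauth2_token",
               "email", "firstname", "lastname", "fullname", "nickname")

    def __init__(self, **properties):
        self._id = None  # assigned by save(), never taken from caller input
        for name in self._FIELDS:
            setattr(self, name, properties.get(name))

    @classmethod
    def create(cls, **properties):
        return cls(**properties)

    def save(self):
        if self._id is None:
            self._id = next(User._ids)
        User._by_id[self._id] = self

    @classmethod
    def _lookup(cls, field, value):
        # Match on exactly one provider field so that a Twitter id never
        # resolves to a Facebook account; an empty value never matches.
        if not value:
            return None
        return next((u for u in cls._by_id.values()
                     if getattr(u, field) == value), None)

    @classmethod
    def getByFacebookUID(cls, fb_userid):
        return cls._lookup("fb_id", fb_userid)

    @classmethod
    def getByOpenIdIdentifier(cls, openid_identifier):
        return cls._lookup("openid_identifier", openid_identifier)

    @classmethod
    def getByTwitterId(cls, twitter_user_id):
        return cls._lookup("twitter_id", twitter_user_id)

    @property
    def human_id(self):
        # Stored in the session and shown to the user: no tokens here.
        return self.fullname or self.nickname or self.email or "user #%s" % self._id
```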


The middleware will intercept requests to the following paths:

  • /socialauth/twitter/login
  • /socialauth/twitter/process
  • /socialauth/openid/login: expects the "url" parameter (where to redirect the user to)
  • /socialauth/openid/process
  • /socialauth/fb/login
  • /socialauth/fb/process/
  • /socialauth/logout: clears the session and redirects the user to "/".

The following will NOT be intercepted, and it is your responsibility to do something with it:

  • /socialauth/login: you should serve a page asking the user to choose his/her identity provider. An example of such a page can be found in the examples dir (examples/login_page.html). This page provides a set of links to "/socialauth/{twitter,openid,fb}/login". The example page uses JS and CSS from the /static directory, but it is up to you to customize these.