Browse files

added docs dir

  • Loading branch information...
tuxcanfly committed Jul 5, 2010
1 parent b5dcad9 commit 37aab805f2814e79fb992ed596a8e8279544dfa3
Showing with 90 additions and 0 deletions.
  1. 0 { → docs}/LICENSE
  2. +90 −0 docs/README
  3. 0 {example_project → docs}/requirements.txt
File renamed without changes.
@@ -0,0 +1,90 @@
+What it does.
+1. Allow logging in via various providers.
+2. Import contacts from various third party sites, to find out which of your
+friends already use our service.
+Logging In
+This is a application to enable authentication via various third party sites.
+In particular it allows logging in via
+1. Twitter
+2. Gmail
+3. Facebook
+4. Yahoo(Essentially openid)
+4. OpenId
+Libs you need to install
+See requirements.txt
+use `pip install -r requirements.txt` to install all dependencies at once
+The API Keys are available from
+How it works.
+Openid: Users need to provide their openid providers. Talk to the providers and
+Yahoo: Yahoo is an openid provider. Talk to Yahoo endpoints. (Endpoint:
+Google: Google is a provider. Talk to them. (Endpoint:
+Facebook: Facebook connect provides authentication framework.
+Twitter: We use Twitter Oauth for authentication. In theory, Oauth shouldn't be
+used for authentication. (It is an autorisation framework, not an authentication one),
+In practice it works pretty well. Once you have an access_token, and a name, essentially
+As with all APIs, we are limited by the amout of data which the API provider
+provides us. For example, both Yahoo and Google provide extremely limited data
+about the autheticated subscriber. Twitter and Facebook provide a lot of details,
+but not the email. Different Openid providers are free to provide [different
+amounts of data](
+How it works.
+1. For all providers(except Facebook) there are two urls and views. (start and done)
+2. Start sets up the required tokens, and redirects and hands off to the correct
+3. Provider handles authentication on their ends, and hands off to Us, providing
+authorization tokens.
+4. In done, we check if the user with these details already exists, if yes, we
+log them in. Otherwise we create a new user, and log them in.
+For all of these, we use standard django authenication system, with custom
+auth_backends, hence all existing views, and decorators as login_required
+will work as expected.
+/login/ Login page. Has all the login options
+/openid_login/ AND /openid_login/done/
+/yahoo_login/ AND /yahoo_login/done/
+/gmail_login/ AND /gmail_login/done/
+/twitter_login/ AND /twitter_login/done/
+/facebook_login/done/ We dont have a start url here, as the starting tokens are
+set in a popup.
+0. Install required libraries.
+1. Get tokens and populate in
+2. Set the token callback urls correctly at Twitter and Facebook.
+4. Set the authentication_backends to the providers you are using.
File renamed without changes.

0 comments on commit 37aab80

Please sign in to comment.