Skip to content

Commit

Permalink
Small changes to the Rst readme
Browse files Browse the repository at this point in the history
  • Loading branch information
@theju
theju committed Oct 12, 2010
1 parent 78a01e6 commit deaba86
Showing 1 changed file with 47 additions and 44 deletions.
91 changes: 47 additions & 44 deletions README.rst
View file
@@ -1,20 +1,20 @@
What it does.
-----------------
1. Allow logging in via various providers.
2. Import contacts from various third party sites, to find out which of your
--------------

#. Allow logging in via various providers.
#. Import contacts from various third party sites, to find out which of your
friends already use our service.

Logging In
================

----------

This is a application to enable authentication via various third party sites.
In particular it allows logging in via
1. Twitter
2. Gmail
3. Facebook
4. Yahoo(Essentially openid)
4. OpenId
#. Twitter
#. Gmail
#. Facebook
#. Yahoo(Essentially openid)
#. OpenId

Libs you need to install
See requirements.txt
Expand All @@ -24,32 +24,33 @@ fetch the requirements.

The API Keys are available from

http://www.facebook.com/developers/createapp.php
https://developer.yahoo.com/dashboard/createKey.html
https://www.google.com/accounts/ManageDomains
http://twitter.com/oauth_clients
* http://www.facebook.com/developers/createapp.php
* https://developer.yahoo.com/dashboard/createKey.html
* https://www.google.com/accounts/ManageDomains
* http://twitter.com/oauth_clients

How it works.
-------------------
Openid: Users need to provide their openid providers. Talk to the providers and
--------------

* Openid: Users need to provide their openid providers. Talk to the providers and
login.
Yahoo: Yahoo is an openid provider. Talk to Yahoo endpoints. (Endpoint: http://yahoo.com)
Google: Google is a provider. Talk to them. (Endpoint: https://www.google.com/accounts/o8/id)
Facebook: Facebook connect provides authentication framework.
Twitter: We use Twitter Oauth for authentication. In theory, Oauth shouldn't be
* Yahoo: Yahoo is an openid provider. Talk to Yahoo endpoints. (Endpoint: http://yahoo.com)
* Google: Google is a provider. Talk to them. (Endpoint: https://www.google.com/accounts/o8/id)
* Facebook: Facebook connect provides authentication framework.
* Twitter: We use Twitter Oauth for authentication. In theory, Oauth shouldn't be
used for authentication. (It is an autorisation framework, not an authentication one),
In practice it works pretty well. Once you have an access_token, and a name, essentially
authenticated.

References
1. http://openid.net/developers/
2. http://developer.yahoo.com/openid/
3. http://code.google.com/apis/accounts/docs/OpenID.html
4. http://apiwiki.twitter.com/OAuth-FAQ
5. http://developers.facebook.com/connect.php
#. http://openid.net/developers/
#. http://developer.yahoo.com/openid/
#. http://code.google.com/apis/accounts/docs/OpenID.html
#. http://apiwiki.twitter.com/OAuth-FAQ
#. http://developers.facebook.com/connect.php

Limitations
--------------
------------

As with all APIs, we are limited by the amout of data which the API provider
provides us. For example, both Yahoo and Google provide extremely limited data
Expand All @@ -58,34 +59,36 @@ but not the email. Different Openid providers are free to provide [different
amounts of data](http://openid.net/specs/openid-simple-registration-extension-1_0.html).

How it works.
-----------------
1. For all providers(except Facebook) there are two urls and views. (start and done)
2. Start sets up the required tokens, and redirects and hands off to the correct
--------------

#. For all providers(except Facebook) there are two urls and views. (start and done)
#. Start sets up the required tokens, and redirects and hands off to the correct
provider.
3. Provider handles authentication on their ends, and hands off to Us, providing
#. Provider handles authentication on their ends, and hands off to Us, providing
authorization tokens.
4. In done, we check if the user with these details already exists, if yes, we
#. In done, we check if the user with these details already exists, if yes, we
log them in. Otherwise we create a new user, and log them in.

For all of these, we use standard django authenication system, with custom
auth_backends, hence all existing views, and decorators as login_required
will work as expected.

Urls
---------

/login/ Login page. Has all the login options
/openid_login/ AND /openid_login/done/
/yahoo_login/ AND /yahoo_login/done/
/gmail_login/ AND /gmail_login/done/
/twitter_login/ AND /twitter_login/done/
/facebook_login/done/ We dont have a start url here, as the starting tokens are
-----

* /login/ Login page. Has all the login options
* /openid_login/ AND /openid_login/done/
* /yahoo_login/ AND /yahoo_login/done/
* /gmail_login/ AND /gmail_login/done/
* /twitter_login/ AND /twitter_login/done/
* /facebook_login/done/ We dont have a start url here, as the starting tokens are
set in a popup.

Implementation
----------------
0. Install required libraries.
1. Get tokens and populate in localsettings.py
2. Set the token callback urls correctly at Twitter and Facebook.
4. Set the authentication_backends to the providers you are using.
---------------

#. Install required libraries.
#. Get tokens and populate in localsettings.py
#. Set the token callback urls correctly at Twitter and Facebook.
#. Set the authentication_backends to the providers you are using.

0 comments on commit deaba86

Please sign in to comment.