Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Authenticate Django Users against Google Apps. Check simul14's fork, it's more active

branch: master

Fetching latest commit…

Octocat-spinner-32-eaf2f5

Cannot retrieve the latest commit at this time

Octocat-spinner-32 googleappsauth
Octocat-spinner-32 .gitignore
Octocat-spinner-32 AUTHORS
Octocat-spinner-32 CHANGES
Octocat-spinner-32 MANIFEST.in
Octocat-spinner-32 Makefile
Octocat-spinner-32 README.rst
Octocat-spinner-32 requirements.txt
Octocat-spinner-32 setup.py
README.rst

Authentication agains Google Apps Domains for Django

googleappsauth allows you to authenticate your Django users against an Google Apps domain. This means you basically get a single sign-on solution, provided that all users of your django application also have Accounts in Google Apps for your Domain.

Usage

To use googleappsauth, configuration in settings.py should look like this:

GOOGLE_APPS_DOMAIN = 'example.com'
GOOGLE_APPS_CONSUMER_KEY = 'example.com'
GOOGLE_APPS_CONSUMER_SECRET = '*sekret*'
# domain where your application is running
GOOGLE_OPENID_REALM = 'http://*.hudora.biz/'

If you want to choose from a list of Google apps domains on a login-by-login basis you can configure an array of apps domains:

GOOGLE_APPS_DOMAIN = ['example.com', 'foobar.com', 'carcdr.de']

You also can tell googleappsauth where to go after successfull authentication, in case the redirect_url had not been set. LOGIN_REDIRECT_URL defaults to /.

LOGIN_REDIRECT_URL = '/admin'

To activate googleappsauth, set the appropriate Authentication backend and include a callback view.

settings.py:
AUTHENTICATION_BACKENDS = ('googleappsauth.backends.GoogleAuthBackend',)

urls.py:
(r'^callback_googleappsauth/', 'googleappsauth.views.callback'),

Using a special middleware which is included in the package, you can block access to a compete site.

MIDDLEWARE_CLASSES = (
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'googleappsauth.middleware.GoogleAuthMiddleware',
)

In addition you can set AUTH_PROTECTED_AREAS to authenticate only access to certain parts of a site, e.g.

AUTH_PROTECTED_AREAS = ['/admin']

If you wish, you can add AUTH_EXCLUDED_AREAS to remove authentication from sub-folders of your protected areas, e.g.

AUTH_EXCLUDED_AREAS = ['/admin/public']

Download

Get it at the Python Cheeseshop or at GitHub.

See also

Notes

You might need to enable the OAuth+OpenID support in your Google Apps domain at http://www.google.com/a/cpanel/<your-domain>/SetupIdp

You might need to register at http://code.google.com/apis/accounts/docs/RegistrationForWebAppsAuto.html Might look like this: http://static.23.nu/md/Pictures/ZZ6F76B85B.png

If google claims "invalid page" check GOOGLE_OPENID_REALM.

Something went wrong with that request. Please try again.