Thursday 10 September 2015

OAuth2 setup in restapi and authentication with api


First, set up Django REST framework.
Once it is installed, follow these steps:

1. Run pip install django-oauth-toolkit

2. Add 'oauth2_provider' to your INSTALLED_APPS setting.

3. Add url(r'^o/', include('oauth2_provider.urls')), to your urls.py

4. Add the following to your settings.py module:

    OAUTH2_PROVIDER = {
        # this is the list of available scopes
        'SCOPES': ['read', 'write', 'groups']
    }

    REST_FRAMEWORK = {
        'DEFAULT_AUTHENTICATION_CLASSES': (
            'oauth2_provider.ext.rest_framework.OAuth2Authentication',
        ),
        'DEFAULT_PERMISSION_CLASSES': (
            'rest_framework.permissions.IsAuthenticated',
        )
    }

5. Run python manage.py syncdb

6. Open the backend admin (127.0.0.1:8000/admin)

7. Register an application

    To obtain a valid access_token first we must register an application.

    From the admin go to oauth2_provider > applications > Add Application. Fill the form with the following data:

        User: your current user
        Client Type: confidential
        Authorization Grant Type: Resource owner password-based
       
    Save your app!

8. Get your token and use your API

At this point we’re ready to request an access_token. Open your shell.

    Note: to get the client id and client secret, go to the admin panel, then oauth2_provider > applications, and select your application.

    Syntax:

        curl -X POST -d "grant_type=password&username=<user_name>&password=<password>" http://<client_id>:<client_secret>@localhost:8000/o/token/

    Example:

        curl -X POST -d "grant_type=password&username=admin&password=admin" http://lh4RIKR2Cn95LHVOYLMddT1RAxDgHRDIEwPyR61g:82aVoSzfHyoWEguSBhp4ZHXigowzuLJS45kI7j3l6Flz5k42LDcBHiKSTl0fJ5OhijtIxY2sNPUDihKSQKna1eaEXt3dTG69u3eLNq6EJqqJdGfJRgnzFSSaHPU2NVqT@192.168.1.6:8000/shopping/o/token/

The response should look something like this:

    {
        "access_token": "<your_access_token>",
        "token_type": "Bearer",
        "expires_in": 36000,
        "refresh_token": "<your_refresh_token>",
        "scope": "read write groups"
    }
   
   
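Authentication with the API from the front end

    import requests
    from django.contrib.auth import authenticate
    from django.http import HttpResponse
    from django.shortcuts import render

    from .forms import LoginForm  # the project's own login form (import path assumed)


    def userlogin(request):
        url = 'http://192.168.1.6:8000/shopping/o/token/'
        template_name = 'index.html'
        if request.method == 'POST':
            username = request.POST['username']
            password = request.POST['password']
            # Local credential check; its result is not used below.
            user = authenticate(username=username, password=password)
            # Form fields for the password grant. The client credentials are
            # hard-coded as in this walkthrough; in a real project keep them
            # in settings or environment variables, not in source.
            cd = {}
            cd['username'] = username
            cd['password'] = password
            cd['client_id'] = 'lh4RIKR2Cn95LHVOYLMddT1RAxDgHRDIEwPyR61g'
            cd['client_secret'] = '82aVoSzfHyoWEguSBhp4ZHXigowzuLJS45kI7j3l6Flz5k42LDcBHiKSTl0fJ5OhijtIxY2sNPUDihKSQKna1eaEXt3dTG69u3eLNq6EJqqJdGfJRgnzFSSaHPU2NVqT'
            cd['grant_type'] = 'password'

            r = requests.post(url, data=cd, timeout=10)
            if r.ok:  # token endpoint answered with a 2xx status
                data = r.json()
                token = data['access_token']
                # Keep the ready-to-send Authorization value in the session
                request.session['token'] = 'Bearer ' + token
                headers = {'Authorization': request.session['token']}
                s = requests.get('http://192.168.1.6:8000/shopping/registration/',
                                 headers=headers, timeout=10)

                data2 = s.json()
                for d in data2:
                    if d['username'] == username:
                        print(username)
                        return HttpResponse("Working")
        # GET request, failed token request, or user not found:
        # show the login page instead of returning None
        return render(request, template_name, {'form': LoginForm()})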
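
The token request from step 8 and from the `userlogin` view, as an added example (not code from the original post): it sends the client credentials in an HTTP Basic `Authorization` header, which is what curl derives from the `<client_id>:<client_secret>@` URL form, reads them from environment variables instead of source, and validates the reply before building the `Bearer` header. `TOKEN_URL`, the `OAUTH_CLIENT_ID` / `OAUTH_CLIENT_SECRET` variable names and the sample reply are assumptions constructed for the example; it uses only the standard library and builds the request without sending it.

```python
import base64
import json
import os
import time
from urllib.parse import urlencode
from urllib.request import Request

# Assumed names: TOKEN_URL mirrors the page's /o/token/ endpoint; the
# OAUTH_CLIENT_ID / OAUTH_CLIENT_SECRET environment variables are hypothetical.
TOKEN_URL = "http://localhost:8000/o/token/"
# Constructed sample reply in the shape shown on the page (placeholder values).
SAMPLE = ('{"access_token": "tok-123", "token_type": "Bearer", "expires_in": 36000,'
          ' "refresh_token": "ref-456", "scope": "read write groups"}')


def build_token_request(username, password, client_id=None, client_secret=None):
    """Build (not send) the password-grant POST with client auth in a Basic header."""
    client_id = client_id or os.environ["OAUTH_CLIENT_ID"]
    client_secret = client_secret or os.environ["OAUTH_CLIENT_SECRET"]
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    # Only the user's credentials go in the form body; the client secret does not.
    body = urlencode({"grant_type": "password", "username": username,
                      "password": password}).encode()
    return Request(TOKEN_URL, data=body, method="POST", headers={
        "Authorization": "Basic " + basic,
        "Content-Type": "application/x-www-form-urlencoded",
    })


def parse_token_response(status, raw_body, now=None):
    """Validate a token endpoint reply and return what the caller should store."""
    try:
        data = json.loads(raw_body)
    except ValueError:
        data = None
    if not isinstance(data, dict):
        raise ValueError("token endpoint did not return a JSON object")
    if status != 200 or "access_token" not in data:
        # OAuth2 error replies carry an "error" field, e.g. invalid_grant
        raise PermissionError(data.get("error", "token request failed"))
    if data.get("token_type", "").lower() != "bearer":
        raise ValueError("unexpected token_type")
    now = time.time() if now is None else now
    return {
        "authorization": "Bearer " + data["access_token"],
        "expires_at": now + int(data.get("expires_in", 0)),
        "refresh_token": data.get("refresh_token"),
        "scopes": data.get("scope", "").split(),
    }
```

Pass the returned request to `urllib.request.urlopen` to send it, then hand the status and body to `parse_token_response`; store `expires_at` alongside the header so the session can refresh the token before it lapses.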
