Integrating registration from social sites with RPXnow
Using RPXnow services to integrate Djang user system with OpenID, Facebook, Twitter and other social sites.
RPXnow is a service that enables users to use their OpenID, Facebook, Twitter, Google, Blogger, Myspace or other accounts to login/register on any site that use it. In the free version you can choose up to 6 providers, and in the paid one 12 (plus more features in the RPX APIs).
Setup RPXnow account
You have to register on RPXnow and create an application setting its name, and the important part - allowed domains. When you create such app you can choose providers to use Some providers need some setup (like Facebook), which is described on the rpxnow pages.
When you create an app it will receive an API key - you will need it to call rpxnow API methods. Put it in settings.py for example :)
How it works?
- Users select a provider and logs in on providers page
- When the user logs in on the provider page it will be redirected back to your site.
- The redirect will contain a token (POST, "token") that will allow you to get user information like mail, username, and unique identifier, based on which you can assign Django account to it.
- You can get the iframe and popup codes in the Quick Start tab on rpxnow site.
- In the iframe and popup widgets you have set a full URL to a page on your site that will handle the redirect. It has to get the token and call the API for user info. It should then login or register the user. Here is a part of such view:
- When we have the identifier we can check if there is a Django user account assigned to it - and if so - login user. And if there isn't any account you can create it and login new user (and connect identifier with the account).
We need a backend for loggin in user with RPX in AUTHENTICATION_BACKENDS and a model for the user-identifier relation. Below is my implementation, but you can also check django-rpx.
- Auth backend looks like this:
- The model:
- And the view that handles the redirect, login and registration:
- I've added also a view, that allows user to assign his social identifier to an existing account - user enters login and password of the existing account and if they are correct - the new account is deleted and the RPX-user relation is updated: