I am trying to set up authentication using django-rest-auth and django-allauth. The user exists in the database and I can login to the django admin site. When I try to login using the rest-auth/login/ endpoint posting email/password, I receive a 400 error with the following response:
{
"non_field_errors": [
"Unable to log in with provided credentials."
]
}
I followed the instructions here: http://django-allauth.readthedocs.io/en/latest/configuration.html#configuration
In my settings file I have the following:
ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_UNIQUE_EMAIL = True
ACCOUNT_AUTHENTICATION_METHOD = 'email'
If I comment out the three lines above and use the same endpoint but add the username it works. It seems to only not work with email only mode.
Thanks for your help!
I had the same issue, resolved by putting the right authentication backends. Here's my settings:
ACCOUNT_AUTHENTICATION_METHOD = 'email'
ACCOUNT_USER_MODEL_USERNAME_FIELD = None
ACCOUNT_USERNAME_REQUIRED = False
ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_UNIQUE_EMAIL = True
AUTHENTICATION_BACKENDS = (
"django.contrib.auth.backends.ModelBackend",
"allauth.account.auth_backends.AuthenticationBackend"
)
Related
django-allauth been used
ACCOUNT_AUTHENTICATION_METHOD = 'email'
ACCOUNT_USERNAME_REQUIRED = True
ACCOUNT_EMAIL_REQUIRED = True
LOGIN_REDIRECT_URL = 'xxx:index'
ACCOUNT_LOGOUT_REDIRECT_URL = 'account_login'
ACCOUNT_LOGOUT_ON_GET = True
ACCOUNT_EMAIL_SUBJECT_PREFIX = ''
ACCOUNT_DEFAULT_HTTP_PROTOCOL = 'https'
ACCOUNT_UNIQUE_EMAIL = True
DEFAULT_FROM_EMAIL = 'tttt#gmail.com'
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
ACCOUNT_EMAIL_VERIFICATION = "mandatory"
I set this in settings.py and I runserver, sign up and then received an email such as
You're receiving this e-mail because user jjjj#gmail.com has given your e-mail address to register an account on example.com.
To confirm this is correct, go to https://eeee.cloud9.us-east-2.amazonaws.com/accounts/confirm-email/4444/
so I go to the link but then I cannot login. Instead, I receive another mail and I got no error message. I am sure that I use ID and password correctly. What should I do?
Cloud 9
Python 3.7.9
Django 2.2.17
django-allauth 0.44.0
When I go to the link in VERIFICATION, I like to login.
This issue was resolved by myself. The order of url in urls.py was wrong.
urlpatterns = [
path('accounts/', include('allauth.urls')),
re_path(r'^accounts/confirm-email/[^/]+/', RedirectView.as_view(pattern_name='timeline:index'), kwargs=None),
]
is a right order.
re_path(r'^accounts/confirm-email/ should come after path('accounts/',
I have created a custom OAuth client for the snowflake account by referring documentation here, https://docs.snowflake.com/en/user-guide/oauth-custom.html
I created an OAuth custom instance for my local using the following query:
create security integration My_Snowflake_Connector
type = oauth
enabled = true
oauth_client = custom
oauth_client_type = 'CONFIDENTIAL'
oauth_redirect_uri = 'http://localhost:4200/api/auth/callback/snowflake'
oauth_issue_refresh_tokens = true
oauth_refresh_token_validity = 86400
blocked_roles_list = ()
pre_authorized_roles_list = ('SYSADMIN', 'ACCOUNTADMIN', 'SECURITYADMIN')
oauth_allow_non_tls_redirect_uri = true
I have obtained authorization & token URLs using the following query:
DESCRIBE security integration My_Snowflake_Connector
I also obtained secrets using the following query:
SELECT SYSTEM$SHOW_OAUTH_CLIENT_SECRETS( 'MY_SNOWFLAKE_CONNEECTOR' )
I have used passport-oauth2 plugin & OAuth2Strategy
On initiating OAuth flow I am rightly taken to the snowflake account I log in it shows the OAuth consent screen but upon redirection, I get an error invalid_client.
I am getting the following error JSON blob:
{\n "data" : null,\n "error" : "invalid_client",\n "code" : null,\n "message" : "This is an invalid client.",\n "success" : false,\n "headers" : null\n}
I have verified the callback URL, client id & secret none seems to be wrong.
What may be wrong with my configuration?
Update
We could not figure out the reason behind the OAuth error, Finally, we ended up using the Node js client from snowflake. For more info: https://docs.snowflake.com/en/user-guide/nodejs-driver.html
I could see a similar error when testing OAuth2 from Postman when Client Authentication is set to "Send Client Credentials in body".
On changing this to "Send as Basic Auth Header",token generation works fine and proceeds successfully.
I guess this change should resolve the issue in your case as well. One of the reference that I checked is here : https://github.com/ciaranj/node-oauth/pull/316
I'm having trouble debugging the issue occurs when pushing new events to Outlook Calendar using Microsoft Graph API (v1). I have tested and it's still working, but I received this error which happened a few times today from my Ruby on Rails apps with the gems mentioned in the code snippet below. And there are duplicate events added to the calendar after these errors. I have searched this issue but still got nothing. Could anyone help me to debug this problem, please? I just don't know if this issue caused by my users' actions or just API server error. Many thanks!
OData::ServerError 503 ConcurrentItemSave: "Conflicts occurred during saving data to store (saveresult: IrresolvableConflict, properties: ). Please retry the request." from "https://graph.microsoft.com/v1.0/me/calendars/AAMkADg1YmMzNjE2LTM5Y2MtNGI2NC05NjJjLWRiY2RhZTZkNDRkMABGAAAAAADZc5aq6QclSqy_4oRMVv_EBwB4ZnW6S6xLTZDSXIsgJfprAAAAAAEGAAB4ZnW6S6xLTZDSXIsgJfprAAAGEcjmAAA=/events"
Code I use to create events via api
require 'adal'
require 'microsoft_graph'
username = ENV["OUTLOOK_USERNAME"]
password = ENV["OUTLOOK_PASSWORD"]
client_id = ENV["OUTLOOK_CLIENT_ID"]
client_secret = ENV["OUTLOOK_CLIENT_SECRET"]
tenant = ENV["OUTLOOK_TENANT"]
user_cred = ADAL::UserCredential.new(username, password)
client_cred = ADAL::ClientCredential.new(client_id, client_secret)
context = ADAL::AuthenticationContext.new(ADAL::Authority::WORLD_WIDE_AUTHORITY, tenant)
resource = "https://graph.microsoft.com/"
tokens = context.acquire_token_for_user(resource, client_cred, user_cred)
callback = Proc.new { |r|
r.headers["Authorization"] = "Bearer #{tokens.access_token}"
r.headers["Prefer"] = 'outlook.timezone="Australia/Sydney"'
r.headers['Content-type'] = 'application/json'
}
#graph = MicrosoftGraph.new(
base_url: "https://graph.microsoft.com/v1.0",
cached_metadata_file: File.join(MicrosoftGraph::CACHED_METADATA_DIRECTORY, "metadata_v1.0.xml"),
&callback
)
#example_data
calendar_id = "my_calendar_id"
data = my_event_object
#graph.service.post("me/calendars/#{calendar_id}/events", data.to_json)
We've been using django-allauth for quite some time now in production. We can enable account email verification which works great. But we now have a REST api that allows users to register through the API and the workflow doesn't go through django-allauth. Is it possible to manually invoke the django-allauth email verification feature or do we need to use a custom solution?
I'll just post my answer here as I've been searching for adding email verification with Django Built-in Authentication (And using a Custom Auth Model), I used the method mentioned by Marcus, I'll just add all the other stuff around it for anyone who wants to do the same.
First: Install django-allauth as described here
Second: Add your email configurations in the settings.py file :
EMAIL_USE_TLS = True
EMAIL_HOST = 'smtp.gmail.com' #I used gmail in my case
EMAIL_HOST_USER = <Your Email>
EMAIL_HOST_PASSWORD = <Your Password>
EMAIL_PORT = 587
DEFAULT_FROM_EMAIL = <Default Sender name and email>
Third: Add configurations for verification and default login url, you'll find the documentation of all config parameters here, note that in my example I'm using a custom user model as mentioned, that's why I'm setting ACCOUNT_EMAIL_REQUIRED to True & ACCOUNT_USER_MODEL_USERNAME_FIELD and ACCOUNT_USERNAME_REQUIRED to False, also the LOGIN_URL,ACCOUNT_EMAIL_CONFIRMATION_AUTHENTICATED_REDIRECT_URL andLOGIN_REDIRECT_URL parameters are used after the user clicks on the confirmation link sent by email to him
ACCOUNT_EMAIL_VERIFICATION='mandatory'
ACCOUNT_CONFIRM_EMAIL_ON_GET=True
ACCOUNT_EMAIL_REQUIRED=True
ACCOUNT_USER_MODEL_USERNAME_FIELD = None
ACCOUNT_USERNAME_REQUIRED = False
ACCOUNT_AUTHENTICATION_METHOD = 'email'
LOGIN_URL='app:login_user'
LOGIN_REDIRECT_URL='app:login_user'
ACCOUNT_EMAIL_CONFIRMATION_AUTHENTICATED_REDIRECT_URL='app:login_user'
Fourth: After your signup form, save the user instance with is_active parameter set to False, then call the method:
from allauth.account.utils import *
send_email_confirmation(request, user, True)
Finally: Receive the signal after the user confirms his email, and set is_active to True
from allauth.account.signals import email_confirmed
from django.dispatch import receiver
# Signal sent to activate user upon confirmation
#receiver(email_confirmed)
def email_confirmed_(request, email_address, **kwargs):
user = MyUser.objects.get(email=email_address.email)
user.is_active = True
user.save()
Finally, you would want to change the default site name from Django Admin as it will be included in the email sent.
I had the same problem, and the solution I've found was to call the original send_email_confirmation method from allauth. I am using DRF3 for my API.
from allauth.account.utils import send_email_confirmation
...
def some_view(request):
user = ...
...
#using request._request to avoid TypeError on change made in DRF3 (from HTTPRequest to Request object)
send_email_confirmation(request._request, user)
...
I hope this helps you.
Following is what I am trying to do -
client = Google::APIClient.new
client.authorization.client_id = 'XXXX'
client.authorization.client_secret = 'XXXXX'
client.authorization.scope = 'https://www.googleapis.com/auth/calendar'
client.authorization.redirect_uri = 'http://www.aaaaa.com/'
calendar = client.discovered_api('calendar', 'v3')
In order to get access_token to make further requests, i make a call to
client.authorization.fetch_access_token!
Response I get is :
Signet::AuthorizationError: Authorization failed. Server message:
{
"error" : "invalid_request"
}
from D:/main/tools/jruby/lib/ruby/gems/1.8/gems/signet-0.4.4/lib/signet/oauth_2/client.rb:865:in `fetch_access_token'
Later I changed made a few changes and set the grant_type to password and supplied user name and password.
client.authorization.grant_type = 'password'
client.authorization.username = 'aaaaa'
client.authorization.password = 'aaaaa'
Still facing the same issue.
Documentation is not of much help. Is there any setting that I am missing?
You probably already figured this out, but I think I know what the problem is. You must first navigate (in a browser) to client.authorization.authorization_uri, which is where you will be asked to grant access to the Google account. After that, you will be redirected to client.authorization.redirect_uri, which is http://www.aaaaa.com/ in the code you provided. There will be an authorization code appended on to the URL: http://www.aaaaa.com?code=<code here>. You must set client.authorization.code equal to that authorization code. Once you have done that, you should be able to call client.authorization.fetch_access_token! and then make calls to the API.