Introduction
If you don't want to create your own account system and want your users to just use their existing accounts what your looking for is called OpenID, OpenID is the most supported single sign on system available today.Currently supported by Google, Yahoo, myspace, Aol and many many more.
It's however not the easiest thing to set it up, and some companies such as Facebook decided to make their own system, thats why I choose RPX, RPX is a middle man between you and the Single Sign On ProvidersHow to implement
- First thing you need is an account from RPX
- RPX will guide you through most of this now, they provide you with the javascripts to include, and the link you can put on your site. It looks something like this
Sign In
- Your token url should point towards the login view
- When a user logs in, that login view will trigger, and in the Request['token'] you get the key that you need to send RPX to acquire whatever information you need
- Now we need to send a POST request to RPX using a secure connection with the token key and the api key assigned to your account
import urllib, urllib2 params = urllib.urlencode({'token': request.REQUEST['token'], 'apiKey': '[your_api_key]'}) req = urllib2.Request(url='https://rpxnow.com/api/v2/auth_info', data=params) f = urllib2.urlopen(req) data = f.read() - The variable data now holds a json formatted string that looks something like this
{ "profile": { "displayName": "brian", "preferredUsername": "brian", "url": "http:\/\/brian.myopenid.com\/", "providerName": "Other", "identifier": "http:\/\/brian.myopenid.com\/" }, "stat": "ok" } - If your using Python 2.6+, you can just use the built in json to decode the string, for others you need a json parser such as simplejson.
Example:
json = JSONDecoder() jdata = json.decode(data) if (jdata['stat'] == "ok"): print "Name: " + jdata['profile']['name']['formatted'] print "Provider: " + request.session['user_provider'] else: print "Unable to login: " + jdata['stat']