### Install Django Allauth with pip Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/installation/quickstart_display=source This snippet demonstrates how to install Django Allauth using pip. You can install the basic package or include social account support by using the `[socialaccount]` option. ```bash pip install django-allauth ``` ```bash pip install "django-allauth[socialaccount]" ``` -------------------------------- ### Install django-allauth MFA extras via pip Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/mfa/introduction Use pip to install the MFA extras of the django-allauth package. This step ensures that the Multi-Factor Authentication components are available in your environment. Run the command in your project's virtual environment. ```bash pip install "django-allauth[mfa]" ``` -------------------------------- ### Install Django Allauth headless package using pip Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/headless/installation_display=source Installs the headless extra for django-allauth via pip. This command should be run in your project's virtual environment. Requires internet connectivity and pip version compatible with extras syntax. ```bash pip install "django-allauth[headless]" ``` -------------------------------- ### Install Django Allauth IDP OIDC Package Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/idp/openid-connect/installation Installs the required django-allauth package with OpenID Connect provider support. This is the initial step required before configuring the OIDC provider functionality. ```bash pip install "django-allauth[idp-oidc]" ``` -------------------------------- ### Configure Django Allauth in settings.py Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/installation/quickstart_display=source This snippet shows the necessary configurations in Django's settings.py file for Django Allauth, including context processors, authentication backends, and installed apps. ```python TEMPLATES = [ { 'BACKEND': 'django.template.backends.django.DjangoTemplates', 'DIRS': [], 'APP_DIRS': True, 'OPTIONS': { 'context_processors': [ # Already defined Django-related contexts here # `allauth` needs this from django 'django.template.context_processors.request', ], }, }, ] ``` ```python AUTHENTICATION_BACKENDS = [ ... # Needed to login by username in Django admin, regardless of `allauth` 'django.contrib.auth.backends.ModelBackend', # `allauth` specific authentication methods, such as login by email 'allauth.account.auth_backends.AuthenticationBackend', ... ] ``` ```python INSTALLED_APPS = [ ... # The following apps are required: 'django.contrib.auth', 'django.contrib.messages', 'allauth', 'allauth.account', # Optional -- requires install using `django-allauth[socialaccount]`. 'allauth.socialaccount', # ... include the providers you want to enable: 'allauth.socialaccount.providers.agave', 'allauth.socialaccount.providers.amazon', 'allauth.socialaccount.providers.amazon_cognito', 'allauth.socialaccount.providers.angellist', 'allauth.socialaccount.providers.apple', 'allauth.socialaccount.providers.asana', 'allauth.socialaccount.providers.auth0', 'allauth.socialaccount.providers.authentiq', 'allauth.socialaccount.providers.baidu', 'allauth.socialaccount.providers.basecamp', 'allauth.socialaccount.providers.battlenet', 'allauth.socialaccount.providers.bitbucket_oauth2', 'allauth.socialaccount.providers.bitly', 'allauth.socialaccount.providers.box', 'allauth.socialaccount.providers.cilogon', 'allauth.socialaccount.providers.clever', 'allauth.socialaccount.providers.coinbase', 'allauth.socialaccount.providers.dataporten', 'allauth.socialaccount.providers.daum', 'allauth.socialaccount.providers.digitalocean', 'allauth.socialaccount.providers.dingtalk', 'allauth.socialaccount.providers.discogs', 'allauth.socialaccount.providers.discord', 'allauth.socialaccount.providers.disqus', 'allauth.socialaccount.providers.douban', 'allauth.socialaccount.providers.doximity', 'allauth.socialaccount.providers.draugiem', 'allauth.socialaccount.providers.drip', 'allauth.socialaccount.providers.dropbox', 'allauth.socialaccount.providers.dwolla', 'allauth.socialaccount.providers.edmodo', 'allauth.socialaccount.providers.edx' ] ``` -------------------------------- ### Configure Django Allauth providers and middleware in settings.py Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/installation/quickstart_display=source Adds required Allauth provider apps to INSTALLED_APPS, sets up session and authentication middleware, and defines provider-specific credentials in SOCIALACCOUNT_PROVIDERS. This snippet is intended for the project's settings.py file and requires the allauth package installed. ```python INSTALLED_APPS = [ 'allauth.socialaccount.providers.zoom', 'allauth.socialaccount.providers.okta', 'allauth.socialaccount.providers.feishu', "allauth.socialaccount.providers.atlassian", # ... ] MIDDLEWARE = ( "django.contrib.sessions.middleware.SessionMiddleware", "django.middleware.common.CommonMiddleware", "django.middleware.csrf.CsrfViewMiddleware", "django.contrib.auth.middleware.AuthenticationMiddleware", "django.contrib.messages.middleware.MessageMiddleware", # Add the account middleware: "allauth.account.middleware.AccountMiddleware", ) SOCIALACCOUNT_PROVIDERS = { 'google': { 'APP': { 'client_id': '123', 'secret': '456', 'key': '' } } } ``` -------------------------------- ### Django Settings for Usersessions Installation Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/usersessions/installation This code snippet shows the necessary additions to Django's settings.py file to install and configure the allauth.usersessions app. It adds 'allauth.usersessions' to INSTALLED_APPS and optionally includes middleware for tracking user activity. Requires Django and django-allauth as dependencies. ```python INSTALLED_APPS = [ ... 'django.contrib.humanize', 'allauth.usersessions', ... ] MIDDLEWARE = [ ... # Optional -- needed when: USERSESSIONS_TRACK_ACTIVITY = True 'allauth.usersessions.middleware.UserSessionsMiddleware', ... ] ``` -------------------------------- ### Shopify Login and Callback URLs Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/socialaccount/providers/shopify Example URLs for Shopify authentication setup. Used as App URL and Redirection URL in Shopify app configuration. Assumes localhost:8000 as server. ```URL http://localhost:8000/accounts/shopify/login/ ``` ```URL http://localhost:8000/accounts/shopify/login/callback/ ``` -------------------------------- ### Configure Django Settings for OIDC Provider Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/idp/openid-connect/installation Adds the OpenID Connect provider app to Django's INSTALLED_APPS. Requires prior setup of allauth.account as mentioned in the documentation. ```python INSTALLED_APPS = [ ... "allauth.idp.oidc", ... ] ``` -------------------------------- ### Install django-allauth with SAML support Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/socialaccount/providers/saml Installs the django-allauth package with the SAML extra to enable SAML 2.0 authentication. Requires pip and appropriate system packages for XML handling. Run this command in your virtual environment before configuring SAML providers. ```shell $ pip install "django-allauth[saml]" ``` -------------------------------- ### VK Provider Setup in Django Allauth Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/socialaccount/providers/vk_display=source Configure the VK provider by adding it to INSTALLED_APPS and defining SOCIALACCOUNT_PROVIDERS with app credentials and email scope. Requires django-allauth installation and VK app registration for client_id and secret. Enables social login via VK, retrieving full name and VK ID; note local testing limitations to ports 80 or 443. ```python SOCIALACCOUNT_PROVIDERS = { 'vk': { "APPS": [ { "client_id": "YOUR_CLIENT_ID", "secret": "YOUR_CLIENT_SECRET", "key": "", }, ], 'SCOPE': [ 'email', ], } } ``` ```python INSTALLED_APPS = [ ..., 'allauth.socialaccount.providers.vk', ..., ] ``` -------------------------------- ### Configure Django AllAuth UserSessions Settings Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/usersessions/installation_display=source This configuration enables user session tracking in Django-AllAuth by adding the usersessions app to INSTALLED_APPS and optionally including the middleware for activity tracking. It requires Django and the allauth package to be installed. The code modifies Django's settings to integrate user sessions functionality, with the middleware being conditional based on the USERSESSIONS_TRACK_ACTIVITY setting. ```python INSTALLED_APPS = [ ... 'django.contrib.humanize', 'allauth.usersessions', ... ] MIDDLEWARE = [ ... # Optional -- needed when: USERSESSIONS_TRACK_ACTIVITY = True 'allauth.usersessions.middleware.UserSessionsMiddleware', ... ] ``` -------------------------------- ### Configure Django Allauth headless in settings.py Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/headless/installation_display=source Adds required and optional apps to INSTALLED_APPS and defines frontend URLs for headless flows. Place this block inside your project's settings.py. Adjust URL values to match your front‑end routes. ```python INSTALLED_APPS = [ # Required 'allauth', 'allauth.account', 'allauth.headless', # Optional 'allauth.socialaccount', 'allauth.mfa', 'allauth.usersessions', ] HEADLESS_FRONTEND_URLS = { "account_confirm_email": "https://app.project.org/account/verify-email/{key}", "account_reset_password_from_key": "https://app.org/account/password/reset/key/{key}", "account_signup": "https://app.org/account/signup", } ``` -------------------------------- ### Django REST Framework Token Authentication Example Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/idp/openid-connect/integrations_display=source Shows how to implement token-based authentication and authorization in Django REST framework using TokenAuthentication and TokenPermission classes. The example demonstrates setting up authentication classes and permission checks with scope-based access control for APIView-based endpoints. ```python from rest_framework.views import APIView from allauth.idp.oidc.contrib.rest_framework.authentication import TokenAuthentication from allauth.idp.oidc.contrib.rest_framework.permissions import TokenPermission class ResourceView(APIView): authentication_classes = [TokenAuthentication] permission_classes = [TokenPermission.has_scope(["view-resource"])] def get(request, *args, **kwargs): ... ``` -------------------------------- ### Shopify Login URL Example Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/socialaccount/providers/shopify_display=source Demonstrates how to generate a Shopify login URL using the django-allauth template tag. This requires the 'shopify' provider to be configured. ```python {% provider_login_url "shopify" shop="petstore" %} ``` -------------------------------- ### Django Ninja Token Authentication Example Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/idp/openid-connect/integrations_display=source Demonstrates how to implement token-based authentication and authorization in Django Ninja using the TokenAuth security class. The example shows how to protect API endpoints with specific scope requirements, allowing fine-grained access control for different resource types. ```python from allauth.idp.oidc.contrib.ninja.security import TokenAuth from ninja import NinjaAPI api = NinjaAPI() @api.get("/api/resource", auth=[TokenAuth(scope=["view-resource"])]) def resource(request): ... ``` -------------------------------- ### Add Allauth URL patterns to Django urls.py Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/installation/quickstart_display=source Includes Allauth's authentication routes in the project's URL configuration. Insert the path definition within the urlpatterns list to enable login, logout, and other account management URLs provided by Allauth. ```python from django.urls import path, include urlpatterns = [ # ... path('accounts/', include('allauth.urls')), # ... ] ``` -------------------------------- ### Add Allauth headless routes to Django urls.py Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/headless/installation_display=source Includes the standard allauth URLs and the headless API endpoints in the project's url configuration. Ensure these patterns are added even when operating in headless mode to handle OAuth handshakes. ```python urlpatterns = [ # OAuth and other account endpoints (needed even for headless) path("accounts/", include("allauth.urls")), # Allauth headless API endpoints path("_allauth/", include("allauth.headless.urls")), ] ``` -------------------------------- ### Configure URL Patterns for OIDC Provider Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/idp/openid-connect/installation Includes the OIDC provider URLs in Django's URL configuration. This enables the necessary endpoints for OpenID Connect functionality. ```python urlpatterns = [ ... path("", include("allauth.idp.urls")), ... ] ``` -------------------------------- ### Run Django Database Migrations Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/installation/quickstart Command to apply database migrations for `django-allauth` and other Django apps. This command creates the necessary database tables for user accounts, social accounts, and other features managed by the installed Django applications. ```bash python manage.py migrate ``` -------------------------------- ### Build Sphinx Documentation - Makefile Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/Makefile Makefile providing targets to build Sphinx documentation in various formats including HTML, PDF, epub, and others. Uses sphinx-build command with different builders. Requires make and sphinx-build to be installed. Output goes to _build directory. ```make # Makefile for Sphinx documentation # # # You can set these variables from the command line. SPHINXOPTS = SPHINXBUILD = sphinx-build PAPER = BUILDDIR = _build # Internal variables. PAPEROPT_a4 = -D latex_paper_size=a4 PAPEROPT_letter = -D latex_paper_size=letter ALLSPHINXOPTS = -d $(BUILDDIR)/doctrees $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) . # the i18n builder cannot share the environment and doctrees with the others I18NSPHINXOPTS = $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) . .PHONY: help clean html dirhtml singlehtml pickle json htmlhelp qthelp devhelp epub latex latexpdf text man changes linkcheck doctest gettext help: @echo "Please use `make ' where is one of" @echo " html to make standalone HTML files" @echo " dirhtml to make HTML files named index.html in directories" @echo " singlehtml to make a single large HTML file" @echo " pickle to make pickle files" @echo " json to make JSON files" @echo " htmlhelp to make HTML files and a HTML help project" @echo " qthelp to make HTML files and a qthelp project" @echo " devhelp to make HTML files and a Devhelp project" @echo " epub to make an epub" @echo " latex to make LaTeX files, you can set PAPER=a4 or PAPER=letter" @echo " latexpdf to make LaTeX files and run them through pdflatex" @echo " text to make text files" @echo " man to make manual pages" @echo " texinfo to make Texinfo files" @echo " info to make Texinfo files and run them through makeinfo" @echo " gettext to make PO message catalogs" @echo " changes to make an overview of all changed/added/deprecated items" @echo " linkcheck to check all external links for integrity" @echo " doctest to run all doctests embedded in the documentation (if enabled)" clean: -rm -rf $(BUILDDIR)/* html: $(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html @echo @echo "Build finished. The HTML pages are in $(BUILDDIR)/html." dirhtml: $(SPHINXBUILD) -b dirhtml $(ALLSPHINXOPTS) $(BUILDDIR)/dirhtml @echo @echo "Build finished. The HTML pages are in $(BUILDDIR)/dirhtml." singlehtml: $(SPHINXBUILD) -b singlehtml $(ALLSPHINXOPTS) $(BUILDDIR)/singlehtml @echo @echo "Build finished. The HTML page is in $(BUILDDIR)/singlehtml." pickle: $(SPHINXBUILD) -b pickle $(ALLSPHINXOPTS) $(BUILDDIR)/pickle @echo @echo "Build finished; now you can process the pickle files." json: $(SPHINXBUILD) -b json $(ALLSPHINXOPTS) $(BUILDDIR)/json @echo @echo "Build finished; now you can process the JSON files." htmlhelp: $(SPHINXBUILD) -b htmlhelp $(ALLSPHINXOPTS) $(BUILDDIR)/htmlhelp @echo @echo "Build finished; now you can run HTML Help Workshop with the" ".hhp project file in $(BUILDDIR)/htmlhelp." qthelp: $(SPHINXBUILD) -b qthelp $(ALLSPHINXOPTS) $(BUILDDIR)/qthelp @echo @echo "Build finished; now you can run "qcollectiongenerator" with the" ".qhcp project file in $(BUILDDIR)/qthelp, like this:" @echo "# qcollectiongenerator $(BUILDDIR)/qthelp/django-allauth.qhcp" @echo "To view the help file:" @echo "# assistant -collectionFile $(BUILDDIR)/qthelp/django-allauth.qhc" devhelp: $(SPHINXBUILD) -b devhelp $(ALLSPHINXOPTS) $(BUILDDIR)/devhelp @echo @echo "Build finished." @echo "To view the help file:" @echo "# mkdir -p $$HOME/.local/share/devhelp/django-allauth" @echo "# ln -s $(BUILDDIR)/devhelp $$HOME/.local/share/devhelp/django-allauth" @echo "# devhelp" epub: $(SPHINXBUILD) -b epub $(ALLSPHINXOPTS) $(BUILDDIR)/epub @echo @echo "Build finished. The epub file is in $(BUILDDIR)/epub." latex: $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex @echo @echo "Build finished; the LaTeX files are in $(BUILDDIR)/latex." @echo "Run `make' in that directory to run these through (pdf)latex" "(use `make latexpdf' here to do that automatically)." latexpdf: $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex @echo "Running LaTeX files through pdflatex..." $(MAKE) -C $(BUILDDIR)/latex all-pdf @echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex." text: $(SPHINXBUILD) -b text $(ALLSPHINXOPTS) $(BUILDDIR)/text @echo @echo "Build finished. The text files are in $(BUILDDIR)/text." man: $(SPHINXBUILD) -b man $(ALLSPHINXOPTS) $(BUILDDIR)/man @echo @echo "Build finished. The manual pages are in $(BUILDDIR)/man." texinfo: $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo @echo @echo "Build finished. The Texinfo files are in $(BUILDDIR)/texinfo." @echo "Run `make' in that directory to run these through (pdf)latex" "(use `make pdf' here to do that automatically)." info: $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo @echo "Running Texinfo files through makeinfo..." make -C $(BUILDDIR)/texinfo info @echo "makeinfo finished; the Info files are in $(BUILDDIR)/texinfo." gettext: $(SPHINXBUILD) -b gettext $(I18NSPHINXOPTS) $(BUILDDIR)/locale @echo @echo "Build finished. The message catalogs are in $(BUILDDIR)/locale." changes: $(SPHINXBUILD) -b changes $(ALLSPHINXOPTS) $(BUILDDIR)/changes @echo @echo "The overview file is in $(BUILDDIR)/changes." linkcheck: $(SPHINXBUILD) -b linkcheck $(ALLSPHINXOPTS) $(BUILDDIR)/linkcheck @echo @echo "Link check complete; look for any errors in the above output " "or in $(BUILDDIR)/linkcheck/output.txt." doctest: $(SPHINXBUILD) -b doctest $(ALLSPHINXOPTS) $(BUILDDIR)/doctest @echo "Testing of doctests in the sources finished, look at the " "results in $(BUILDDIR)/doctest/output.txt." ``` -------------------------------- ### Configure ShareFile provider in django-allauth Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/socialaccount/providers/sharefile_display=source Example Python configuration for ShareFile OAuth provider in django-allauth. Requires SUBDOMAIN parameter and allows customization of APICP and DEFAULT_URL settings. ```Python SOCIALACCOUNT_PROVIDERS = { 'sharefile': { 'SUBDOMAIN': 'TEST', 'APICP': 'sharefile.com', 'DEFAULT_URL': 'https://secure.sharefile.com', } } ``` -------------------------------- ### Configure OpenID Connect provider in Django settings (Python) Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/idp/openid-connect/installation_display=source Adds the OIDC provider app to INSTALLED_APPS and embeds the generated private key in settings.py. The IDP_OIDC_PRIVATE_KEY variable holds the PEM-encoded key. Ensure the key string maintains its indentation. ```Python INSTALLED_APPS = [ ... "allauth.idp.oidc", ... ] IDP_OIDC_PRIVATE_KEY = """ -----BEGIN PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCiStSwvoSk61uf cQvkGDmR6gsM2QjVgKxCTPtg3tMhMO7kXq3PPMEiWlF49JicjPWs5vkYcLAsWNVE ... rfnteLIERvzd4rLi9WjTahfKA2Mq3YNIe3Hw8IDrrczJgd/XkEaENGYXmmNCX22B gtUcukumVPtrDhGK9i/PG3Q= -----END PRIVATE KEY----- """ ``` -------------------------------- ### Configure MFA app in Django settings Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/mfa/introduction the required allauth apps and the MFA app to the INSTALLED_APPS list in your Django settings module. This enables the MFA functionality, including TOTP, recovery codes, and WebAuthn. Ensure the list retains existing entries. ```python INSTALLED_APPS = [ ... # The required `allauth` apps... 'allauth', 'allauth.account', # The MFA app: 'allauth.mfa', ... ] ``` -------------------------------- ### GET /accounts/saml//login/ Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/socialaccount/providers/saml_display=source Initiates a SAML login process for the specified organization. ```APIDOC ## GET /accounts/saml//login/ ### Description Initiates a SAML login process for the specified organization. This endpoint redirects the user to the configured Identity Provider for authentication. ### Method GET ### Endpoint /accounts/saml//login/ ### Path Parameters - **organization_slug** (string) - Required - Unique identifier for the organization ### Response #### Redirect Response (302) Redirects to the Identity Provider's SSO service URL. ``` -------------------------------- ### GET /accounts/saml//metadata/ Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/socialaccount/providers/saml_display=source Provides the Service Provider's SAML metadata XML document for configuration with the Identity Provider. ```APIDOC ## GET /accounts/saml//metadata/ ### Description Returns the Service Provider's SAML metadata XML document which contains information necessary for configuration with the Identity Provider, including certificates and endpoint URLs. ### Method GET ### Endpoint /accounts/saml//metadata/ ### Path Parameters - **organization_slug** (string) - Required - Unique identifier for the organization ### Response #### Success Response (200) - **Content-Type**: application/xml - **Body**: XML metadata document containing SP configuration #### Response Example ```xml ``` ``` -------------------------------- ### Configure OIDC Private Key in Django Settings Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/idp/openid-connect/installation Includes the generated RSA private key in Django settings for OIDC provider functionality. The key content must be formatted as a multi-line string within triple quotes. ```python IDP_OIDC_PRIVATE_KEY = """ -----BEGIN PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCiStSwvoSk61uf cQvkGDmR6gsM2QjVgKxCTPtg3tMhMO7kXq3PPMEiWlF49JicjPWs5vkYcLAsWNVE ... rfnteLIERvzd4rLi9WjTahfKA2Mq3YNIe3Hw8IDrrczJgd/XkEaENGYXmmNCX22B gtUcukumVPtrDhGK9i/PG3Q= -----END PRIVATE KEY----- """ ``` -------------------------------- ### Configure LINE provider for django-allauth (Python) Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/socialaccount/providers/line Defines the SOCIALACCOUNT_PROVIDERS setting to enable LINE login. Requires django-allauth installed and LINE channel credentials (client_id and secret). The SCOPE includes profile, openid, and email. Place this snippet in your Django settings module. ```Python SOCIALACCOUNT_PROVIDERS = { 'line': { 'APP': { 'client_id': 'LINE_LOGIN_CHANNEL_ID', 'secret': 'LINE_LOGIN_CHANNEL_SECRET' }, "SCOPE": ['profile', 'openid', 'email'] } } ``` -------------------------------- ### Custom account adapter settings - Python Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/account/advanced_display=source Example of specifying a custom account adapter in Django settings. This allows for overriding default allauth behaviors with custom implementations. ```Python ACCOUNT_ADAPTER = 'project.users.adapter.MyAccountAdapter' ``` -------------------------------- ### Configure Tumblr OAuth 2 in Django settings.py Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/socialaccount/providers/tumblr_oauth2_display=source Sets up Tumblr OAuth 2 provider configuration using environment variables for client credentials. Requires SOCIALACCOUNT_PROVIDERS configuration in Django settings. ```python SOCIALACCOUNT_PROVIDERS = { "tumblr": { "SCOPE": ["basic", "write"], "APP": { "client_id": os.environ.get("TUMBLR_CLIENT_ID", ""), "secret": os.environ.get("TUMBLR_CLIENT_SECRET", ""), "key": "", }, }, } ``` -------------------------------- ### Implement JWT Authentication in Django Ninja API (Python) Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/headless/token-strategies/jwt-tokens Demonstrates how to protect a Django Ninja endpoint using the built‑in JWTTokenAuth security class. Import the jwt_token_auth helper, attach it to the route, and define the view function. Requires the allauth headless Ninja integration to be installed. ```Python from allauth.headless.contrib.ninja.security import jwt_token_auth from ninja import NinjaAPI api = NinjaAPI() @api.get("/your/own/api", auth=[jwt_token_auth]) def your_own_api(request): ... ``` -------------------------------- ### Configure Agave Social Account Provider in Python Django Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/socialaccount/providers/agave This Python configuration snippet sets up the Agave social account provider for Django-Allauth by defining the API_URL in the SOCIALACCOUNT_PROVIDERS dictionary. It requires Django and django-allauth to be installed. The input is the provider name and optional API URL; it outputs configured authentication settings. Limitations include requiring HTTPS for production callbacks. ```python SOCIALACCOUNT_PROVIDERS = { 'agave': { 'API_URL': 'https://api.tacc.utexas.edu', } } ``` -------------------------------- ### Configure Dwolla Social Account Provider in Django Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/socialaccount/providers/dwolla_display=source This Python code snippet demonstrates how to configure Dwolla as a social account provider in Django's settings. It specifies the required API scopes and the environment ('sandbox' or 'production') for the integration. Ensure you have the django-allauth library installed. ```python SOCIALACCOUNT_PROVIDERS = { 'dwolla': { 'SCOPE': [ 'Send', 'Transactions', 'Funding', 'AccountInfoFull', ], 'ENVIROMENT':'sandbox', } } ``` -------------------------------- ### Setup phone verification settings in Django-Allauth Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/account/phone_display=source This Python snippet configures the login methods, required signup fields, and custom account adapter to support phone number verification. It is placed in the project's settings.py and works with the django-allauth library. Ensure the custom adapter implements phone storage and SMS sending; otherwise verification will fail. ```python # Make sure that the login methods includes "phone" as a method. ACCOUNT_LOGIN_METHODS = {"phone", "email"} # Add a required phone field to the signup fields. # ACCOUNT_SIGNUP_FIELDS = [ 'phone*', 'email*' # Can be left out if you want to only use 'phone'. ] ACCOUNT_ADAPTER = 'project.users.adapter.MyAccountAdapter' ``` -------------------------------- ### Migrate SoundCloud UIDs in Django/Allauth Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/socialaccount/providers/soundcloud_display=source This Python code snippet migrates existing SoundCloud SocialAccount records by updating the uid field from numeric IDs to URN format (soundcloud:users:ID) to comply with SoundCloud's API changes. It depends on Django ORM and allauth.socialaccount.models. Inputs: Existing SocialAccount objects with provider='soundcloud' and uid not starting with 'soundcloud:users:'. Outputs: Updated uid fields. Limitations: Manual execution required; only affects pre-65.10.0 setups. ```python from django.db.models import F, Value from django.db.models.functions import Concat from allauth.socialaccount.models import SocialAccount SocialAccount.objects.filter( provider="soundcloud" ).exclude( uid__startswith="soundcloud:users:" ).update( uid=Concat(Value("soundcloud:users:"), F("uid")) ) ``` -------------------------------- ### Using JWTTokenAuthentication in Django API View Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/headless/token-strategies/jwt-tokens_display=source This code snippet shows how to import and apply JWTTokenAuthentication to a custom APIView in Django REST Framework, ensuring JWT-based authentication. It depends on django-allauth headless and rest-framework packages. The view requires authentication via JWT tokens and includes permission checks; inputs are HTTP requests with tokens, outputs are protected GET responses, but the example get method is placeholder and may need implementation for specific logic. ```python from allauth.headless.contrib.rest_framework.authentication import ( JWTTokenAuthentication, ) from rest_framework import permissions from rest_framework.views import APIView class YourOwnAPIView(APIView): authentication_classes = [ JWTTokenAuthentication, ] permission_classes = [permissions.IsAuthenticated] def get(self, request): ... ``` -------------------------------- ### Add allauth.mfa to INSTALLED_APPS in Django settings (Python) Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/mfa/introduction_display=source Adds the allauth.mfa app to the INSTALLED_APPS list in Django settings.py. Requires Django and allauth to be configured. Enables MFA functionality without side effects if properly integrated. ```python INSTALLED_APPS = [ ... # The required `allauth` apps... 'allauth', 'allauth.account', # The MFA app: 'allauth.mfa', ... ] ``` -------------------------------- ### Configuring Amazon Cognito Provider in Django-Allauth Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/socialaccount/providers/amazon_cognito This Python code snippet configures the Amazon Cognito social account provider in Django-Allauth by setting the DOMAIN key in SOCIALACCOUNT_PROVIDERS. It requires the django-allauth package to be installed and depends on a valid Cognito domain URL. The input is the domain prefix from Cognito setup, and it outputs the provider configuration for OAuth authentication. Limitations include requiring proper AWS credentials and not handling multiple regions automatically. ```python SOCIALACCOUNT_PROVIDERS = { 'amazon_cognito': { 'DOMAIN': 'https://.auth.us-east-1.amazoncognito.com', } } ``` -------------------------------- ### Secure API Endpoint Using TokenAuth in Django Ninja Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/idp/openid-connect/integrations This snippet demonstrates how to use the TokenAuth security class from django-allauth OIDC to protect API routes in Django Ninja, requiring a specific scope for access. It depends on the allauth.idp.oidc and ninja packages being installed and configured. The input is an authenticated request with the 'view-resource' scope; if authorized, it allows access to the resource, otherwise denies it. Limitations include the need for prior OIDC provider setup and token validation configuration. ```Python from allauth.idp.oidc.contrib.ninja.security import TokenAuth from ninja import NinjaAPI api = NinjaAPI() @api.get("/api/resource", auth=[TokenAuth(scope=["view-resource"])]) def resource(request): ... ``` -------------------------------- ### Secure API View Using TokenAuthentication in Django REST Framework Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/idp/openid-connect/integrations This example shows implementing TokenAuthentication and TokenPermission from django-allauth OIDC to secure class-based views in Django REST Framework, enforcing a required scope. It requires allauth.idp.oidc and rest_framework dependencies, with OIDC integration enabled. Inputs include a token-bearing request; successful scope check ('view-resource') grants GET access to the resource. Limitations: Assumes OIDC token introspection is configured; not suitable for non-class-based views without adaptation. ```Python from rest_framework.views import APIView from allauth.idp.oidc.contrib.rest_framework.authentication import TokenAuthentication from allauth.idp.oidc.contrib.rest_framework.permissions import TokenPermission class ResourceView(APIView): authentication_classes = [TokenAuthentication] permission_classes = [TokenPermission.has_scope(["view-resource"])] def get(request, *args, **kwargs): ... ``` -------------------------------- ### Telegram Provider Setup in Django Allauth Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/socialaccount/providers/telegram_display=source This configuration defines the SOCIALACCOUNT_PROVIDERS dictionary for the Telegram provider, specifying the app client ID and secret (bot token). It includes AUTH_PARAMS for setting auth_date_validity, with a default of 30 seconds, which can be adjusted for expiration. Requires proper bot token setup and server time synchronization via NTP if needed. ```python SOCIALACCOUNT_PROVIDERS = { 'telegram': { 'APP': { 'client_id': '', # NOTE: For the secret, be sure to provide the complete bot token, # which typically includes the bot ID as a prefix. 'secret': '', }, 'AUTH_PARAMS': {'auth_date_validity': 30}, } } ``` -------------------------------- ### Configure Django INSTALLED_APPS for django-allauth Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/installation/quickstart This snippet lists the required and optional applications to be included in Django's INSTALLED_APPS setting for django-allauth. It includes core Django apps, allauth, and various social account providers. ```python INSTALLED_APPS = [ ... # The following apps are required: 'django.contrib.auth', 'django.contrib.messages', 'allauth', 'allauth.account', # Optional -- requires install using `django-allauth[socialaccount]`. 'allauth.socialaccount', # ... include the providers you want to enable: 'allauth.socialaccount.providers.agave', 'allauth.socialaccount.providers.amazon', 'allauth.socialaccount.providers.amazon_cognito', 'allauth.socialaccount.providers.angellist', 'allauth.socialaccount.providers.apple', 'allauth.socialaccount.providers.asana', 'allauth.socialaccount.providers.auth0', 'allauth.socialaccount.providers.authentiq', 'allauth.socialaccount.providers.baidu', 'allauth.socialaccount.providers.basecamp', 'allauth.socialaccount.providers.battlenet', 'allauth.socialaccount.providers.bitbucket_oauth2', 'allauth.socialaccount.providers.bitly', 'allauth.socialaccount.providers.box', 'allauth.socialaccount.providers.cilogon', 'allauth.socialaccount.providers.clever', 'allauth.socialaccount.providers.coinbase', 'allauth.socialaccount.providers.dataporten', 'allauth.socialaccount.providers.daum', 'allauth.socialaccount.providers.digitalocean', 'allauth.socialaccount.providers.dingtalk', 'allauth.socialaccount.providers.discogs', 'allauth.socialaccount.providers.discord', 'allauth.socialaccount.providers.disqus', 'allauth.socialaccount.providers.douban', 'allauth.socialaccount.providers.doximity', 'allauth.socialaccount.providers.draugiem', 'allauth.socialaccount.providers.drip', 'allauth.socialaccount.providers.dropbox', 'allauth.socialaccount.providers.dwolla', 'allauth.socialaccount.providers.edmodo', 'allauth.socialaccount.providers.edx', 'allauth.socialaccount.providers.eventbrite', 'allauth.socialaccount.providers.eveonline', 'allauth.socialaccount.providers.evernote', 'allauth.socialaccount.providers.exist', 'allauth.socialaccount.providers.facebook', 'allauth.socialaccount.providers.feedly', 'allauth.socialaccount.providers.figma', 'allauth.socialaccount.providers.fivehundredpx', 'allauth.socialaccount.providers.flickr', 'allauth.socialaccount.providers.foursquare', 'allauth.socialaccount.providers.frontier', 'allauth.socialaccount.providers.fxa', 'allauth.socialaccount.providers.gitea', 'allauth.socialaccount.providers.github', 'allauth.socialaccount.providers.gitlab', 'allauth.socialaccount.providers.globus', 'allauth.socialaccount.providers.google', 'allauth.socialaccount.providers.gumroad', 'allauth.socialaccount.providers.hubic', 'allauth.socialaccount.providers.instagram', 'allauth.socialaccount.providers.jupyterhub', 'allauth.socialaccount.providers.kakao', 'allauth.socialaccount.providers.lemonldap', "allauth.socialaccount.providers.lichess", 'allauth.socialaccount.providers.line', 'allauth.socialaccount.providers.linkedin', 'allauth.socialaccount.providers.linkedin_oauth2', 'allauth.socialaccount.providers.mailchimp', 'allauth.socialaccount.providers.mailcow', 'allauth.socialaccount.providers.mailru', 'allauth.socialaccount.providers.mediawiki', 'allauth.socialaccount.providers.meetup', 'allauth.socialaccount.providers.miro', 'allauth.socialaccount.providers.microsoft', 'allauth.socialaccount.providers.naver', 'allauth.socialaccount.providers.nextcloud', 'allauth.socialaccount.providers.notion', 'allauth.socialaccount.providers.odnoklassniki', 'allauth.socialaccount.providers.openid', 'allauth.socialaccount.providers.openid_connect', 'allauth.socialaccount.providers.openstreetmap', 'allauth.socialaccount.providers.orcid', 'allauth.socialaccount.providers.patreon', 'allauth.socialaccount.providers.paypal', 'allauth.socialaccount.providers.persona', 'allauth.socialaccount.providers.pinterest', 'allauth.socialaccount.providers.pocket', "allauth.socialaccount.providers.questrade", 'allauth.socialaccount.providers.quickbooks', 'allauth.socialaccount.providers.reddit', ] ``` -------------------------------- ### SAML Configuration Overview Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/socialaccount/providers/saml_display=source Overview of SAML configuration including IdP and SP settings with advanced options. ```APIDOC ## SAML Configuration ### Description Configuration structure for SAML authentication covering Identity Provider (IdP), Service Provider (SP) and advanced settings. ### Configuration Structure { "idp": { "entity_id": "https://idp.example.com/saml2/idp/SSOService.php", "single_sign_on_service": { "url": "https://idp.example.com/saml2/idp/SSOService.php", "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" }, "single_logout_service": { "url": "https://idp.example.com/saml2/idp/SLOService.php", "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" }, "x509cert": "-----BEGIN CERTIFICATE-----\nMIIDHTCCAgWgAwIBAgIJLogff5x+S0BlMA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNV\n...\n-----END CERTIFICATE-----" }, "sp": { "entity_id": "https://serviceprovider.com/sso/sp/metadata.xml" }, "advanced": { "allow_repeat_attribute_name": true, "allow_single_label_domains": false, "authn_request_signed": false, "digest_algorithm": "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", "logout_request_signed": false, "logout_response_signed": false, "metadata_signed": false, "name_id_encrypted": false, "name_id_format": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", "private_key": "MIID/zCCAuegAwIBAg...VGgdy+xoA==", "reject_deprecated_algorithm": true, "reject_idp_initiated_sso": true, "signature_algorithm": "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", "want_assertion_encrypted": false, "want_assertion_signed": false, "want_attribute_statement": true, "want_message_signed": false, "want_name_id": false, "want_name_id_encrypted": false, "x509cert": "MIIEvQIBADANB...oddbXECo=", "metadata_valid_until": null, "metadata_cache_duration": null }, "contact_person": { "technical": { "givenName": "Alice", "emailAddress": "alice@example.com" }, "administrative": { "givenName": "Bob", "emailAddress": "bob@example.com" } } } ``` -------------------------------- ### GET /accounts/saml//sls/ Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/socialaccount/providers/saml_display=source Handles the Single Logout Service request for terminating user sessions. ```APIDOC ## GET /accounts/saml//sls/ ### Description Handles the Single Logout Service (SLS) request to terminate user sessions both locally and at the Identity Provider. ### Method GET ### Endpoint /accounts/saml//sls/ ### Path Parameters - **organization_slug** (string) - Required - Unique identifier for the organization ### Response #### Redirect Response (302) Redirects to the post-logout redirect URL ``` -------------------------------- ### Implement One Tap Sign-In in HTML and JavaScript Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/socialaccount/providers/google_display=source Embeds Google's One Tap Sign-In in HTML templates for django-allauth. Requires Google client ID and django url. Input: Template with script and div. Output: Login prompt. Limitations: Requires JavaScript and Google SDK. ```html
``` -------------------------------- ### Get configured providers in Django templates Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/socialaccount/templates_display=source Retrieves list of configured social authentication providers for the current site, replacing older context processor approach. ```Django Template {% get_providers as socialaccount_providers %} ``` -------------------------------- ### Configure OpenID Connect providers in django-allauth Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/socialaccount/providers/openid_connect Demonstrates how to set up multiple OpenID Connect providers with individual configurations including client IDs, secrets, server URLs, and PKCE settings. Each app represents an independent provider with customizable authentication methods. ```python SOCIALACCOUNT_PROVIDERS = { "openid_connect": { # Optional PKCE defaults to False, but may be required by your provider # Can be set globally, or per app (settings). "OAUTH_PKCE_ENABLED": True, "APPS": [ { "provider_id": "my-server", "name": "My Login Server", "client_id": "your.service.id", "secret": "your.service.secret", "settings": { # When enabled, an additional call to the userinfo # endpoint takes place. The data returned is stored in # `SocialAccount.extra_data`. When disabled, the (decoded) ID # token payload is used instead. "fetch_userinfo": True, "oauth_pkce_enabled": True, "server_url": "https://my.server.example.com", # Optional token endpoint authentication method. # May be one of "client_secret_basic", "client_secret_post" # If omitted, a method from the the server's # token auth methods list is used "token_auth_method": "client_secret_basic", }, }, { "provider_id": "other-server", "name": "Other Login Server", "client_id": "your.other.service.id", "secret": "your.other.service.secret", "settings": { "server_url": "https://other.server.example.com", }, }, ] } } ``` -------------------------------- ### Override Recovery Codes Generation Form Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/mfa/forms_display=source Guides customization of GenerateRecoveryCodesForm used in GenerateRecoveryCodesView. Useful for modifying how recovery codes are generated. Register the custom implementation in settings.py under generate_recovery_codes. ```python from allauth.mfa.recovery_codes.forms import GenerateRecoveryCodesForm class MyCustomGenerateRecoveryCodesForm(GenerateRecoveryCodesForm): pass ``` ```python MFA_FORMS = { 'generate_recovery_codes': 'mysite.forms.MyCustomGenerateRecoveryCodesForm', } ``` -------------------------------- ### Configure Trello OAuth scopes in django-allauth Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/socialaccount/providers/trello Sets custom OAuth scopes for Trello integration in django-allauth. The example shows read and write permissions. Modify the 'scope' parameter as needed for your application requirements. ```Python SOCIALACCOUNT_PROVIDERS = { 'trello': { 'AUTH_PARAMS': { 'scope': 'read,write', }, }, } ``` -------------------------------- ### Override form element template for custom form markup Source: https://codeberg.org/allauth/django-allauth/src/branch/main/docs/common/templates Provides an example of overriding `allauth/elements/form.html` to render a `
` tag with slots for body and actions, and includes a horizontal rule separator. ```Django Template {% load allauth %}\n\n {% slot body %}\n {% endslot %}\n
\n {% slot actions %}\n {% endslot %}\n
```