| ... | @@ -11,7 +11,7 @@ DjangoLDP achieves this using [OpenID Connect (OIDC)](https://openid.net/connect |
... | @@ -11,7 +11,7 @@ DjangoLDP achieves this using [OpenID Connect (OIDC)](https://openid.net/connect |
|
|
|
|
|
|
|
When implementing authentication in your own application, you have two options:
|
|
When implementing authentication in your own application, you have two options:
|
|
|
* Using or extending DjangoLDP-Account, a DjangoLDP package modelling federated users
|
|
* Using or extending DjangoLDP-Account, a DjangoLDP package modelling federated users
|
|
|
* Using your own user model & defining the authentication behaviour yourself
|
|
* [Using your own user model](https://git.startinblox.com/djangoldp-packages/djangoldp/wikis/guides/authentication#using-your-own-user-model) & defining the authentication behaviour yourself
|
|
|
|
|
|
|
|
Regardless of the choice you make, DjangoLDP will extend your user model to include a method `webid` which returns uri to identify your user, for example `https://aliceswebsite.com/users/alice`. This is used in `LDPSerializer` so that views are returned in linked-data format, describing the semantics and location of resources in the response
|
|
Regardless of the choice you make, DjangoLDP will extend your user model to include a method `webid` which returns uri to identify your user, for example `https://aliceswebsite.com/users/alice`. This is used in `LDPSerializer` so that views are returned in linked-data format, describing the semantics and location of resources in the response
|
|
|
|
|
|
| ... | @@ -87,6 +87,8 @@ You can subclass `WebFinger`, overriding the `response` method to add informatio |
... | @@ -87,6 +87,8 @@ You can subclass `WebFinger`, overriding the `response` method to add informatio |
|
|
|
|
|
|
|
More is happening under the surface, as DjangoLDP comes packaged with [django-oidc-provider](https://django-oidc-provider.readthedocs.io/en/latest/) which handles much of the workflow
|
|
More is happening under the surface, as DjangoLDP comes packaged with [django-oidc-provider](https://django-oidc-provider.readthedocs.io/en/latest/) which handles much of the workflow
|
|
|
|
|
|
|
|
* If you would like users from other sites to log into your site, then you will need to implement the endpoints of the Relying Party (RP)
|
|
## Implementing the Relying Party (RP)
|
|
|
|
|
|
|
|
If you would like users from other sites to log into your site, then you will need to implement the endpoints of the Relying Party (RP)
|
|
|
|
|
|
|
|
An example implementation of the Relying Party endpoint [can be found in DjangoLDP-Account](https://git.startinblox.com/djangoldp-packages/djangoldp-account/blob/master/djangoldp_account/endpoints/rp_login.py). When the user submits their webfinger ID or OIDC provider to the [login form](https://git.startinblox.com/djangoldp-packages/djangoldp-account/blob/master/djangoldp_account/templates/registration/login.html), the endpoint utilises [PyOIDC](https://pyoidc.readthedocs.io/en/latest/examples/rp.html) to discover the issuer of the provider, and provides the callback function in this endpoint to log the user in once authenticated |
|
An example implementation of the Relying Party endpoint [can be found in DjangoLDP-Account](https://git.startinblox.com/djangoldp-packages/djangoldp-account/blob/master/djangoldp_account/endpoints/rp_login.py). When the user submits their webfinger ID or OIDC provider to the [login form](https://git.startinblox.com/djangoldp-packages/djangoldp-account/blob/master/djangoldp_account/templates/registration/login.html), the endpoint utilises [PyOIDC](https://pyoidc.readthedocs.io/en/latest/examples/rp.html) to discover the issuer of the provider, and provides the callback function in this endpoint to log the user in once authenticated |
|
|
|
\ No newline at end of file |
