Mon, 19 Jan 2009

Django, OpenID and OAuth

posted at: 04:15 | Tags: , , , | permalink | trackback | 0 comment(s)

I have previously written how I decided to implement Recycloid server using Django and django-openid. Now I've done some more experimenting and OAuth part will be implemented using django-oauth.

If you've already got (or are willing to get) an OpenID, you can login to a test server. You can also browse the source code of the server and its history using your browser (thanks to LoggerHead). The Bazaar branch can be found at if you want to try it yourself.

If you do login, and register a new OAuth Consumer, you can use the shell script (revision 25) to test the OAuth access. The script is tested using ash on a Linux environment, and requires at least wget and optionally lynx installed. Before you run the script, export CONSUMER_KEY and CONSUMER_SECRET environment variables (with matching values you get at the site).


Read the 0 comment(s) or add a comment.

Sun, 30 Nov 2008

Django and OpenID

posted at: 23:16 | Tags: , | permalink | trackback | 1 comment(s)

I've been meaning to start developing the server part for Recycloid. It's otherwise quite boring server, but it should allow users to login using OpenID. I finally decided to look into implementing it using Django.

For OpenID, I found three options: django-authopenid, django-openid and django-openid-auth. In the following I will take a look into first two of them, focusing on their suitability to my needs. The third one seems abandoned (only developed between Sep 27 - Oct 18 2007), so I will not look into it further.

django-authopenid (version 0.9.6)

django-authopenid is easy to set up by following the README. Its main feature is that it allows users to login either with "legacy" username/password pair or an OpenID. When user authenticates via OpenID for the first time, user needs to associate the OpenID either with an existing account or a new account. That basically means that the user needs to either login with site specific username and a password or create a new account picking a unique username and a new password. That's pretty much the chore I was hoping OpenID would make obsolete.

django-authopenid has seen a pretty steady development since its birth on Nov 2007. I gather that this project is based on an older version of django-openid code. Support for multiple OpenIDs per account is under development, while it is part of django-openid feature set already.

django-openid (SVN checkout, revision 57)

I had to work a little to get this one installed and working. It seems like it's developed using Python 2.5 (or newer), but I'm doing this experiment on a Debian 4.0 which comes with Python 2.4.4. First thing I needed to do is install a backport of hashlib, which is bundled in Python 2.5. That was easy. But the combination of Python 2.4 and hashlib 20081119 triggered a bug in python-openid library, which seems to get fixed with a little patch.

Once installed, this package seems to fit my requirements quite nicely. User logs in and that's it. No need for registering with the site.

As can be seen from the version, this project hasn't actually released anything, yet. The development of this software began on Feb 2007, and has seen intermittent activity since. The activity has still been more active than most one man shows.


Read the 1 comment(s) or add a comment.