{ "info": { "author": "Anton Strogonoff", "author_email": "anton@strogonoff.name", "bugtrack_url": null, "classifiers": [ "Environment :: Web Environment", "Framework :: Django", "Intended Audience :: Developers", "License :: OSI Approved :: BSD License", "Operating System :: OS Independent", "Programming Language :: Python", "Programming Language :: Python :: 2", "Programming Language :: Python :: 2.7", "Topic :: Internet :: WWW/HTTP", "Topic :: Internet :: WWW/HTTP :: Dynamic Content" ], "description": "django-upwork-auth\r\n==================\r\n\r\nSimple Upwork login for your app. Tested with Django 1.8 (see example project).\r\n\r\nBefore oDesk rebranded as Upwork, this library was called django-odesk-auth.\r\nThe latest version of django-odesk-auth works with Upwork already.\r\nThis library is not backwards compatible with django-odesk-auth.\r\n\r\n\r\nCreating Upwork OAuth API key\r\n-----------------------------\r\n\r\nGo to https://www.upwork.com/services/api/apply.\r\n\r\n* Authentication type should be set to \"OAuth 1.0\".\r\n* Callback URL should be left blank.\r\n* Default authentication backend requires\r\n \"View the structure of your companies/teams\" permission to be checked.\r\n\r\n\r\nAdding Upwork auth to your Django project\r\n-----------------------------------------\r\n\r\nMake sure you have ``django-upwork-auth`` and ``python-upwork==1.0`` installed.\r\nMake sure you have Django's sites and session frameworks enabled.\r\n\r\n1. Add ``'django_upwork_auth'`` to ``INSTALLED_APPS``.\r\n\r\n2. Add ``'django_upwork_auth.backends.UpworkOAuthBackend'``\r\n to AUTHENTICATION_BACKENDS.\r\n\r\n3. Specify ``UPWORK_OAUTH_KEY`` and ``UPWORK_OAUTH_SECRET`` settings\r\n with your key information.\r\n\r\n4. Add ``'your_upwork_username'`` to ``UPWORK_AUTH_ALLOWED_USERS``,\r\n and set ``UPWORK_AUTH_AUTO_CREATE_USERS`` to True.\r\n\r\n5. Include ``django_upwork_auth.urls`` in your URL patterns.\r\n\r\n6. In your login page template, put a link (say, \"Log in via Upwork\")\r\n and point it to ``{% url \"upwork_oauth_login\" %}``.\r\n\r\n7. Open login page and click \"Log in via Upwork\" to verify everything works.\r\n\r\nIMPORTANT: keep ``UPWORK_OAUTH_KEY`` and ``UPWORK_OAUTH_SECRET`` settings\r\nin a file that is not under version control. One way to do that is to keep\r\nall public settings in versioned file named say ``settings_base.py``,\r\nfrom which you import everything in ``settings.py`` that is not versioned.\r\nDjango in this setup should be pointed to ``settings.py``, as usual.\r\n\r\n\r\nExample project\r\n---------------\r\n\r\nRequirements: Vagrant, Ansible, and free 8000 port.\r\n\r\nFirst, fill in the necessary settings in ``example_project/settings.py``\r\n(see comments in the file).\r\n\r\nFrom ``example_project`` directory, bring up a VM using Vagrantfile provided\r\nand manually run Django development server in it::\r\n\r\n $ vagrant up\r\n $ vagrant ssh\r\n vm$ cd /vagrant/example_project/\r\n vm$ ./manage.py runserver 0.0.0.0:8000\r\n\r\nOn your host machine, navigate to 127.0.0.1:8000 where you should be able\r\nto test Upwork login functionality in action.\r\n\r\n\r\nAuthentication backend\r\n----------------------\r\n\r\nStock authentication backend assumes that you only use Upwork login in your app.\r\nWhen someone logs in, if their Upwork ID matches existing username, it logs\r\nthem in as that user. If there's no username matching given Upwork ID, it optionally\r\ncreates a user with such username.\r\n\r\nATTENTION: Watch out you are using other authentication methods\r\nor for some reason have any chance of one end user's Upwork ID matching\r\nexisting username of another end user!\r\n\r\nStock authentication backend provides optional basic access control facilities.\r\nYou can specify who is allowed to log in to your site and who upon login gets\r\nstaff and/or superuser statuses. This is configured through Django settings.\r\n\r\nIf whitelisting is on and given user is not on the white list, their\r\n``User.is_active`` flag gets set to False upon login.\r\n\r\nSee below for settings provided by stock authentication backend.\r\n\r\nYou can subclass stock authentication backend to override user manipulation\r\n(see ``handle_unknown_user()`` and ``update_user()`` methods).\r\n\r\n\r\nMaking authenticated Upwork API calls\r\n-------------------------------------\r\n\r\nAfter user is successfully authenticated you can call Upwork API on their behalf.\r\nFor that you'd need the access token obtained during OAuth flow.\r\n\r\nBy default this app uses Django's built-in session framework to store\r\naccess token. The key it uses can be retrieved from\r\n``django_upwork_auth.settings.ACCESS_TOKEN_SESSION_KEY``\r\nand customized via ``UPWORK_OAUTH_ACCESS_TOKEN_SESSION_KEY`` setting.\r\n\r\nExample code you can have in your view::\r\n\r\n from django_upwork_auth import utils, settings\r\n\r\n upwork_client = utils.get_client(\r\n request.session[settings.ACCESS_TOKEN_SESSION_KEY])\r\n\r\n print upwork_client.hr.get_teams()\r\n # Should output list of teamrooms current user belongs to\r\n\r\nYou can use another storage technique by overriding\r\n``UPWORK_OAUTH_ACCESS_TOKEN_STORE_FUNC``. It's useful if you need to make Upwork API call\r\nbut can't easily read user's session because there's no request context.\r\nFor example, you can store access token with associated username in Redis\r\nand query it in your asynchronous tasks.\r\n\r\nNote:\r\n\r\n* How you make API calls is up to you. Internally django-upwork-auth\r\n uses python-upwork library, and so does the above example.\r\n\r\n* ``utils.get_client()`` function returns an instance of ``upwork.Client``.\r\n Handy if you're using python-upwork library to make API calls.\r\n\r\n\r\nVerifying OAuth access token\r\n----------------------------\r\n\r\nSometimes there's a need to make sure that current user's authentication\r\nis still valid\u2014that they, for example, didn't revoke access to their account.\r\n\r\nThis app provides a helper for that: see ``utils.check_login()``.\r\nIt can be used in a view like this::\r\n\r\n from django_upwork_auth import utils\r\n\r\n def oauth_check_login(request):\r\n u\"\"\"Verifies OAuth access token and user status on Upwork.\r\n Returns HTTP 200 (OK) or HTTP 401 (Unauthorized)\r\n with additional information in response body text.\r\n \"\"\"\r\n access_token = utils.access_token.get(request)\r\n \r\n if access_token is None or len(access_token) != 2:\r\n return http.HttpResponse(\r\n u\"Bad or missing Upwork OAuth access token\", status=401)\r\n \r\n result, details = utils.check_login(access_token)\r\n \r\n if result is True:\r\n return http.HttpResponse(details, status=200)\r\n else:\r\n return http.HttpResponse(details, status=401)\r\n\r\n\r\nAvailable Django settings\r\n-------------------------\r\n\r\nUPWORK_OAUTH_KEY, UPWORK_OAUTH_SECRET\r\n API key information.\r\n\r\nUPWORK_AUTH_LOGIN_REDIRECT_URL = settings.LOGIN_REDIRECT_URL\r\n Where to redirect the user at the end of OAuth flow.\r\n Path or URL pattern name.\r\n\r\nUPWORK_AUTH_ACCESS_TOKEN_STORE_FUNC\r\n Function to be called to store OAuth access token for future access.\r\n It's passed two arguments: a request where user is already\r\n authenticated and the access token associated with that user.\r\n Default implementation stores token in session under ``ACCESS_TOKEN_SESSION_KEY``.\r\n\r\nSpecific to stock authentication backend\r\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r\n\r\nThese are relevant unless you subclass stock ``backends.UpworkOAuthBackend`` and override\r\nsome of its logic.\r\n\r\nBy default anyone can log in. Whitelist mode can be turned on by assigning non-empty tuple\r\nto ``UPWORK_AUTH_WHITELIST`` or ``UPWORK_AUTH_TEAM_WHITELIST`` setting.\r\n\r\nUPWORK_AUTH_AUTO_CREATE_USERS = False\r\n Whether to create a new account in Django if given user uses Upwork login\r\n for the first time (i.e., ID returned by Upwork is free in your Django DB).\r\n\r\nUPWORK_AUTH_WHITELIST = () \r\n Upwork IDs of users who are allowed to log in via Upwork.\r\n\r\nUPWORK_AUTH_STAFF_WHITELIST = () \r\n Upwork IDs of users who are marked as ``is_staff`` upon login.\r\n\r\nUPWORK_AUTH_SUPERUSER_WHITELIST = () \r\n Upwork IDs of users who are marked as ``is_superuser`` upon login.\r\n\r\nUPWORK_AUTH_TEAM_WHITELIST = () \r\n IDs of Upwork teamrooms, members of which are allowed to log in via Upwork.\r\n\r\nUPWORK_AUTH_STAFF_TEAM_WHITELIST = () \r\n IDs of Upwork teamrooms, members of which are marked as ``is_staff`` upon login.\r\n\r\nUPWORK_AUTH_SUPERUSER_TEAM_WHITELIST = () \r\n IDs of Upwork teamrooms, members of which are marked as ``is_superuser`` upon login.", "description_content_type": null, "docs_url": null, "download_url": "http://github.com/strogonoff/django-upwork-auth", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "", "keywords": "", "license": "BSD License", "maintainer": "", "maintainer_email": "", "name": "django-upwork-auth", "package_url": "https://pypi.org/project/django-upwork-auth/", "platform": "UNKNOWN", "project_url": "https://pypi.org/project/django-upwork-auth/", "project_urls": { "Download": "http://github.com/strogonoff/django-upwork-auth" }, "release_url": "https://pypi.org/project/django-upwork-auth/1.0-beta/", "requires_dist": null, "requires_python": null, "summary": "Upwork OAuth login for your Django-based project", "version": "1.0-beta" }, "last_serial": 1642901, "releases": { "1.0-beta": [ { "comment_text": "", "digests": { "md5": "27dd0f611d3e0ec8b057973e16a4a6da", "sha256": "1a59bcf99526419389054553887fd5439a728521d06fcb30c3ae278fe6da4da4" }, "downloads": -1, "filename": "django-upwork-auth-1.0-beta.tar.gz", "has_sig": false, "md5_digest": "27dd0f611d3e0ec8b057973e16a4a6da", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 12110, "upload_time": "2015-07-21T08:22:39", "url": "https://files.pythonhosted.org/packages/a7/a1/334f489227cd76e3f986fb84fa864e1d3f2d9a8843116f995703fa265d52/django-upwork-auth-1.0-beta.tar.gz" } ], "1.0-dev": [ { "comment_text": "", "digests": { "md5": "c0ea89d4681a8d868d39956468aeb309", "sha256": "e96d73b54c24845ab91938b0cde0b5f2c3ee0b1d0590ad0b41c19f58556c5618" }, "downloads": -1, "filename": "django-upwork-auth-1.0-dev.tar.gz", "has_sig": false, "md5_digest": "c0ea89d4681a8d868d39956468aeb309", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 12233, "upload_time": "2015-06-22T05:01:21", "url": "https://files.pythonhosted.org/packages/2d/5e/462c96304fb899976eb6ecbba1039da1dd55392b3d201adcdf7e401f47ef/django-upwork-auth-1.0-dev.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "27dd0f611d3e0ec8b057973e16a4a6da", "sha256": "1a59bcf99526419389054553887fd5439a728521d06fcb30c3ae278fe6da4da4" }, "downloads": -1, "filename": "django-upwork-auth-1.0-beta.tar.gz", "has_sig": false, "md5_digest": "27dd0f611d3e0ec8b057973e16a4a6da", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 12110, "upload_time": "2015-07-21T08:22:39", "url": "https://files.pythonhosted.org/packages/a7/a1/334f489227cd76e3f986fb84fa864e1d3f2d9a8843116f995703fa265d52/django-upwork-auth-1.0-beta.tar.gz" } ] }