The django-rest-auth library provides a set of REST API endpoints for registration, authentication (including social media authentication), password reset, retrieving and updating user details, and more. With these API endpoints, client apps such as AngularJS, iOS, Android, and others can communicate with your Django backend site independently via REST APIs for user management.
OAuth Single Sign On
OAuth (Open Authorization) is an open standard for token-based authentication and authorization. OAuth allows an end user's account information to be used by third-party services, such as Facebook, without exposing the user's password. It acts as an intermediary on behalf of the end user, providing the service with an access token that authorizes specific account information to be shared. miniOrange provides a WordPress plugin called OAuth Client that supports Django single sign-on and lets users log in to WordPress through their Django REST Auth API (OAuth server). The OAuth Client plugin also allows login with Google, Facebook, Twitter or another custom OAuth server, and works with any OAuth provider that conforms to the OAuth 2.0 standard.
Django REST Auth SSO with WordPress using miniOrange OAuth Client
WordPress works as an OAuth client with the miniOrange OAuth Client plugin, and the Django REST API works as the OAuth server for authentication.
Thus, with the miniOrange OAuth Client plugin, you can configure your site to allow users to access it using the Django application. This allows users to seamlessly access your services without having to register separately on your site.
Steps for Django REST Auth authentication:
- The user initiates login with the Django application and sends a request with username and password as input to the OAuth server (Django REST Auth API).
- The Django application redirects the user to the Django REST Auth page for login.
- The user is asked to authorize the application.
- After successful authentication, the Django REST Auth API (OAuth server) returns a one-time code parameter to WordPress.
- The WordPress application requests an access token in exchange for the one-time code.
- When the access token is received, the OAuth client requests user attributes for the logged-in user.
- The Django application returns the first name, last name, email and other attributes of the user to whom the access token was assigned.
- WordPress logs the user in with the received attributes.
- Single sign-on between WordPress and the Django application is established through the Django REST API (OAuth server) and the miniOrange OAuth Client connector.
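The code, token and attribute exchange in the steps above can be modelled in memory to show the checks the OAuth server side should enforce, in particular that the one-time code really is single-use. This is an added example, not code from django-rest-auth or the miniOrange plugin; the class, function names, client ID, secret, redirect URI and user record are all hypothetical, and the redirect URI and client secret checks are assumptions of a typical OAuth 2.0 setup that the steps do not spell out.

```python
import secrets

# Constructed sample data: one user and one registered client (all hypothetical).
USERS = {"alice": {"password": "correct-horse", "firstname": "Alice",
                   "lastname": "Example", "email": "alice@example.test"}}
CLIENTS = {"wp-client": {"secret": "wp-secret",
                         "redirect_uri": "https://wp.example.test/callback"}}

class ToyOAuthServer:
    """In-memory stand-in for the OAuth server role."""
    def __init__(self):
        self.codes = {}   # one-time code -> (client_id, username)
        self.tokens = {}  # access token  -> username

    def authorize(self, client_id, redirect_uri, username, password):
        client = CLIENTS.get(client_id)
        if client is None or client["redirect_uri"] != redirect_uri:
            raise PermissionError("unknown client or redirect_uri mismatch")
        user = USERS.get(username)
        if user is None or not secrets.compare_digest(
                user["password"].encode(), password.encode()):
            raise PermissionError("invalid credentials")
        code = secrets.token_urlsafe(16)
        self.codes[code] = (client_id, username)
        return code

    def token(self, client_id, client_secret, code):
        client = CLIENTS.get(client_id)
        if client is None or not secrets.compare_digest(
                client["secret"].encode(), client_secret.encode()):
            raise PermissionError("client authentication failed")
        # pop() makes the code single-use: a replayed code is no longer present.
        issued_to, username = self.codes.pop(code, (None, None))
        if issued_to != client_id:
            raise PermissionError("code invalid, reused, or issued to another client")
        access_token = secrets.token_urlsafe(24)
        self.tokens[access_token] = username
        return access_token

    def userinfo(self, access_token):
        username = self.tokens.get(access_token)
        if username is None:
            raise PermissionError("invalid access token")
        return {k: USERS[username][k] for k in ("firstname", "lastname", "email")}

def sso_login(server, username, password):
    # Client role: one-time code -> access token -> user attributes.
    client = CLIENTS["wp-client"]
    code = server.authorize("wp-client", client["redirect_uri"], username, password)
    token = server.token("wp-client", client["secret"], code)
    return code, server.userinfo(token)
```

Calling `server.token()` a second time with the code returned by `sso_login()` raises `PermissionError`, which is the behaviour to verify against a real deployment as well.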