Django allauth social login: automatically linking social site profiles using the registered email

django django-1.5 django-allauth
neves picture neves · Oct 14, 2013 · Viewed 12k times · Source

I aim to create the easiest login experience possible for the users of my Django site. I imagine something like:

  1. Login screen is presented to user
  2. User selects to login with Facebook or Google
  3. User enter password in external site
  4. User can interact with my site as an authenticated user

Ok, this part is easy, just have to install django-allauth and configure it.

But I also want to give the option to use the site with a local user. It would have another step:

  1. Login screen is presented to user
  2. User selects to register
  3. User enter credentials
  4. Site sends a verification email
  5. User clicks in email link and can interact with my site as an authenticated user

Ok, both the default authentication and allauth can do it. But now is the million dollars question.

If they change how they do the login, how do I automatically associate their Google, FB and local accounts?

See that any way they login, I have their email address. Is it possible to do it using django-allauth? I know I can do it with user intervention. Today the default behavior is to refuse the login saying that the email is already registered.

If it isn't possible to do just with configuration, I'll accept the answer that gives me some orientation about which modifications should I make in allauth code to support this workflow.

There are a lot of reasons to do this. The users will forget which method they used to authenticate, and will sometimes use Google, sometimes FB and sometimes the local user account. We already have a lot of local user accounts and social accounts will be a new feature. I want the users to maintain their identity. I envision the possibility to ask for the user friends list, so if they logged using Google, I'd like to also have their FB account.

It is a hobby site, there isn't great security requirements, so please don't answer that this isn't a wise security implementation.

Later, I'd create a custom user model to have just the email as the login id. But I'll be happy with an answer that just let me automatically associate a accounts of the default user model that has a required username.

I'm using Django==1.5.4 and django-allauth==0.13.0

Answer

sspross picture sspross · Jun 2, 2015

Note (2018-10-23): I'm not using this anymore. Too much magic happening. Instead I enabled SOCIALACCOUNT_EMAIL_REQUIRED and 'facebook': { 'VERIFIED_EMAIL': False, ... }. So allauth will redirect social logins on a social signup form to enter a valid email address. If it's already registered an error shows up to login first and then connect the account. Fair enough for me atm.

I'm trying to improve this kind of use case and came up with the following solution:

from allauth.account.models import EmailAddress
from allauth.socialaccount.adapter import DefaultSocialAccountAdapter

class SocialAccountAdapter(DefaultSocialAccountAdapter):
    def pre_social_login(self, request, sociallogin):
        """
        Invoked just after a user successfully authenticates via a
        social provider, but before the login is actually processed
        (and before the pre_social_login signal is emitted).

        We're trying to solve different use cases:
        - social account already exists, just go on
        - social account has no email or email is unknown, just go on
        - social account's email exists, link social account to existing user
        """

        # Ignore existing social accounts, just do this stuff for new ones
        if sociallogin.is_existing:
            return

        # some social logins don't have an email address, e.g. facebook accounts
        # with mobile numbers only, but allauth takes care of this case so just
        # ignore it
        if 'email' not in sociallogin.account.extra_data:
            return

        # check if given email address already exists.
        # Note: __iexact is used to ignore cases
        try:
            email = sociallogin.account.extra_data['email'].lower()
            email_address = EmailAddress.objects.get(email__iexact=email)

        # if it does not, let allauth take care of this new social account
        except EmailAddress.DoesNotExist:
            return

        # if it does, connect this new social login to the existing user
        user = email_address.user
        sociallogin.connect(request, user)

As far as I can test it, it seems to work well. But inputs and suggestions are very welcome!

Related questions

Setting DEBUG = False causes 500 Error

Once I change the DEBUG = False, my site will generate 500 (using wsgi & manage.py runserver), and there is no error info in Apache error log and it will run normally when I change debug to True . I'm using Django 1.5 &…

Read More
AttributeError: 'Manager' object has no attribute 'get_by_natural_key' error in Django?

I am using Django '1.5c1'. I have this line in my settings.py: AUTH_USER_MODEL = 'fileupload.galaxyuser' Here's my Galaxyuser model: class GalaxyUser(models.Model): id = models.IntegerField(primary_key=True) create_time = models.DateTimeField(null=True, …

Read More
AUTH_USER_MODEL refers to model .. that has not been installed and created AbstractUser models not able to login

AUTH_USER_MODEL error solved in EDIT3. Passwords still will not save on user creation via form. I'm using Django 1.5 playing around with the new user override/extension features, and I am not able to register new users via my …

Read More