'How to permit only users with a particular domain to login? Django google authentication
I'm trying to limit the access to a page only to logged users. I used the google authentication, but it let every account to log in; instead i want to avoid every domains different from 'fermi.mo.it'. A google account like [email protected] shouldn't be able to login, while an account like [email protected] should be able to.
I noticed this code to make it, but it doesnt work. It says: "No module named 'social_core'" but i installed it.
AUTHENTICATION_BACKENDS = (
'social_core.backends.google.GoogleOAuth2',
'django.contrib.auth.backends.ModelBackend',
)
SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS = ['fermi.mo.it']
These are all the modules that i installed:
Solution 1:[1]
If django is not able to find the module, make sure that you have added the 'social_django' ro installed apps.
Other soution is that you can create a validator at level Serializer or model according you. Which of them choose? That's other topic.
- Django Model field validation vs DRF Serializer field validation
- How to validate against full model data in DjangoREST Framework
You only have to check if the email contains the string 'fermi.mo.it'. If don't, raise and exception.
The documentation of each one: Django Validators and Validators DRF.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Jony_23 |