I’m back to work, after a seaside vacation.
My current task is to make possible for the user to login through various social networks, such as Facebook, Twitter, Google. This is quite important because we might run World of USO in another context and users would be more likely to try our game if they had the possibility to login with an existing social account.
I started reading about the OAuth protocol and how the login mechanism works. I learned that you have to follow a bunch of steps before you are granted permission to access the user’s data. First, you register your app with the desired social network to get a unique ID. After that you make a GET request to their servers with some parameters (app_id, redirect_uri). They give you back a code (if the user authorizes your app) which you are going to exchange for an access token. Eventually, you use that access token to get the data you need using their API.
I was able to implement that routine myself for Facebook, after reading their documentation. But there are some pitfalls regarding user creation. Therefore, Alex and I decided to use a tested and well-known mechanism among Django users. It is called django-social-auth and it does exactly what we need.
I managed to integrate django-social-auth with World of USO. Now users are able to log in with Facebook and Twitter. It raised a weird exception when trying to authenticate with Google but I think it can be fixed. I am now waiting for Alex’s review and further instructions.
The thing I enjoyed most about working on the social login was that I got to talk with the man who wrote django-social-auth. I was confused about how the mechanism was authenticating its users, so I decided to send a mail to its creator. He responded very fast and was patient with me. That’s why I love the open source community!
Below is a screenshot with the newly added feature.