Let's say I want to build an iOS app that uses a RESTful API as a backend.
I'd want to use Django Rest Framework for that. For three reasons:
- Python is awesome
- Django is awesome
- Django Rest Framework is popular and well documented
My app would need to authenticate users to control access to the different API endpoints. I would need to authenticate my clients through
- my own OAuth2 provider
- third parties OAuth2 providers (e.g. Facebook)
I found Django Oauth Toolkit to be the de facto standard to create your own OAuth2 provider. The integration with Django Rest Framework is well documented too and easy to achieve.
So far so good.
Now what If I want to add register/login through third parties? (Facebook, Twitter, etc).
I guess this is how the process would look like.
And without 3rd parties
I guess I would need to add social accounts tokens to user models (for re-authenticating and interacting with 3rd parties APIS). Django-allauth does that and I use it in one of my project, but sadly django-allauth doesn't seem to fit the current use case since the client is not provided by Django.
So is there a way (an app) to easily integrate social media login/registration with Django Rest Framework and Django OAuth Toolkit? I came across Python Social Auth but I'm not sure about how I would mix this with Django Oauth Toolkit.
Am I on the right path?
How would you implement such an authentication architecture/process with Django?
Thanks
