Howdy, travellers. At Yeti we work on a bunch of mobile and web apps, and like most apps these days, user authentication is a requirement. I'm working on a series to demystify the process of tying together Django REST Framework, your own OAuth scheme, and using OAuth services from Facebook, Twitter, etc.
We have also tackled some of the same problems with Tastypie. See Integrating Django, Tastypie & Python Social Auth to see a Tastypie implementation of Part 3.
Frankly, after making all this work, I'm not convinced that implementing your own OAuth flow (part 2) is much more secure than using token-based authentication. We initially read some documentation that encouraged us to go down this path, but it's not up anymore, and our own thoughts are that it may be unhelpfully complex. Of course, if you're looking to set your app up as an oauth provider for other applications, this is the way to go. But serving your own client-side app with this auth scheme may not really provide any benefit. That said, you should review the authentication flows in parts 2 & 5 and decide for yourself.
If you're looking to set up something similar to part 5 (in-app oauth + social authentication) and you're not interested in how it all works, you may want to check out the descriptively named django-rest-framework-social-oauth2. I haven't used it, but it promises to do something similar to that set up.
Finally, I wrote most of this code when I had been programming for one year, and using DRF for about two weeks. I can 100% guarantee you it is not perfect, and in our fast-changing industry it may become outdated. Feel free to (politely, constructively) help me learn.
At our last Django Meetup Group event, Jayden Windle, the lead engineer at Jetpack, an on demand delivery company, talks building APIs with Django and GraphQL. Watch the video to learn more.
At the last meeting of the San Francisco Django Meetup Group, Wes Kendall gave a talk on how to make a bulletproof Django application by testing it with pytest. Check out his talk here!
Part of the Yeti Lunch and Learn series - our amazing developer, Resdan, gives a presentation on creating a reusable component library. Enjoy the video!