Tuesday, 22nd January, 2008
Using Yahoo BBAuth with Django
Today I tried Yahoo's Browser based authentication service.
Yahoo BBAuth also offers a Single Sign-On (SSO) facility so that existing Yahoo! users can use your services without having to complete yet another registration process.
To enable Yahoo SSO in your application all you need to do is register your application, download this quick start package and integrate it with your application.
I tried integrating with Django and it was pretty easy.
Download Yahoo BBAuth python classes here
Extract ybrowserauth.py in your django project directory
Create a bbauth_config.py file into your root project directory
Add the following lines, replacing it with your appid and secret
# Put your Application ID and Secret hereAPPID = ‘5KzQuKHIkxxxxxxxxxxxxxxxxxxSztLwiAF7SECRET = ‘0e68e582xxxxxxxxxxxxxxxxxxxx0f25f4In your views.py file add the following import statement.
from mysite import ybrowserauth, bbauth_configNow assuming that I want to protect my photos view with YAHOO BBAuth I will add the following code in my photos view
def photos(self, ts, sig, token, userhas, appdata)# Instantiate the class cptr = ybrowserauth.YBrowserAuth(APPID, SECRET, ts, sig, token, userhash, appdata) if token == None: # If no token is found, create the authentication URL and display it req.content_type = "text/html" outstuff = cptr.getAuthURL('someappdata', 1) from django.http import HttpResponseRedirect #this will redirect to YAHOO login page return HttpResponseRedirect(outstuff) else: # If a token is found, it must be Yahoo!'s bbauth coming back as the # "success" URL. So, we validate the signature and do all the work request_uri = req.parsed_uri[6]+ '?' + req.parsed_uri[7] cptr.validate_sig(ts, sig, request_uri) userhash = cptr.userhash appdata = cptr.appdata cookie = cptr.cookie token = cptr.token wssid = cptr.wssid # Your photos view definition goes followsUse example bbatestMAIL.py and bbatestPHOTOS.py file that comes with the sample code
A php example can be found at Dan's Blog
