You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm trying to find help/docs relevant to the following use case:
User logs into Django app and authenticates with OAuth provider, they will use Bearer token auth (via API calls on the Django App) Client A
If the user then logs into the Django app from another machine, they are given a new token, which will be associated with their account (via UserSocialAuth) Client B
The user is authenticating via Bearer token in a custom middleware using:
# Once I've retrieved the Bearer Token code from the request:user_social_auth=UserSocialAuth.objects.get(extra_data__access_token=code)
This will fail for Client A but not Client B (due to UserSocialAuth for the user now holding the updated token)
I want both to continue to be authenticated.
I'm not sure if:
I should modify the way I authenticate via Bearer Token.
I should make multiple UserSocialAuth associations for each client connection.
I should be requesting token verification directly from the OAuth provider, for every request, which seems like a bad idea.
Something else?
FYI - The OAuth provider is a Django OAuth Toolkit based auth server. I use a custom backend so I'm concerned I might be going off track.
This discussion was converted from issue #1041 on March 14, 2025 08:02.
Heading
Bold
Italic
Quote
Code
Link
Numbered list
Unordered list
Task list
Attach files
Mention
Reference
Menu
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Python Social Auth
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
I'm trying to find help/docs relevant to the following use case:
User logs into Django app and authenticates with OAuth provider, they will use Bearer token auth (via API calls on the Django App) Client A
If the user then logs into the Django app from another machine, they are given a new token, which will be associated with their account (via
UserSocialAuth) Client BThe user is authenticating via Bearer token in a custom middleware using:
This will fail for Client A but not Client B (due to
UserSocialAuthfor the user now holding the updatedtoken)I want both to continue to be authenticated.
I'm not sure if:
UserSocialAuthassociations for each client connection.FYI - The OAuth provider is a Django OAuth Toolkit based auth server. I use a custom backend so I'm concerned I might be going off track.
(note)
Beta Was this translation helpful? Give feedback.
All reactions