This is a Python package for magiclogin, an addon for Websauna framework.
To run this package you need Python 3.5.2+, PostgresSQL and Redis.
- Passwordless login with OAuth and email link options.
- Throttle protection against brute forcing and spam
- Interstitial page to require user to login and then continue what ever HTTP GET/POST action user was performing
Screenshots
Setup OAuth credential in development.ini and development-secrets.ini according to Websauna documentation.
Example development.ini:
websauna.social_logins =
facebook
googleExample development-secrets.ini bits:
[facebook]
class = authomatic.providers.oauth2.Facebook
consumer_key = xxx
consumer_secret = yyy
scope = user_about_me, email
mapper = websauna.system.user.social.FacebookMapper
[google]
class = websauna.system.user.googleoauth.Google
consumer_key = xxx
consumer_secret = yyy
mapper = websauna.system.user.social.GoogleMapper
scope = profile emailCopy bits from demo.py to your application initializer.
Available INI settings:
# Throttle email login endpoints to this window
magiclogin.login_email_throttle = 50/3600
# How fast email login link dies
magiclogin.email_token_expiration_seconds = 300
# Text shown on the login panel
magiclogin.login_slogan = Your login text goes hereYou might also have long, secure, sessions in production:
# Set session length to one year
redis.sessions.cookie_max_age = 31536000
redis.sessions.cookie_secure = True
redis.sessions.cookie_httponly = TrueExample (OSX / Homebrew):
createdb magiclogin_dev
ws-sync-db ws://websauna/magiclogin/conf/development.ini
pserve ws://websauna/magiclogin/conf/development.ini --reloadYou can visit:
http://localhost:6543/login
http://localhost:6543/require_login_example_pageFirst create test database:
# Create database used for unit testing
psql create magiclogin_testInstall test and dev dependencies (run in the folder with setup.py):
pip install -e ".[dev,test]"Run test suite using py.test running:
py.testPlease see https://websauna.org/