This is a Python package for magiclogin, an addon for Websauna framework.
To run this package you need Python 3.5.2+, PostgresSQL and Redis.
- Passwordless login with OAuth and email link options.
- Throttle protection against brute forcing and spam
- Interstitial page to require user to login and then continue what ever HTTP GET/POST action user was performing
Screenshots
Setup OAuth credential in development.ini
and development-secrets.ini
according to Websauna documentation.
Example development.ini
:
websauna.social_logins =
facebook
google
Example development-secrets.ini
bits:
[facebook]
class = authomatic.providers.oauth2.Facebook
consumer_key = xxx
consumer_secret = yyy
scope = user_about_me, email
mapper = websauna.system.user.social.FacebookMapper
[google]
class = websauna.system.user.googleoauth.Google
consumer_key = xxx
consumer_secret = yyy
mapper = websauna.system.user.social.GoogleMapper
scope = profile email
Copy bits from demo.py
to your application initializer.
Available INI settings:
# Throttle email login endpoints to this window
magiclogin.login_email_throttle = 50/3600
# How fast email login link dies
magiclogin.email_token_expiration_seconds = 300
# Text shown on the login panel
magiclogin.login_slogan = Your login text goes here
You might also have long, secure, sessions in production:
# Set session length to one year
redis.sessions.cookie_max_age = 31536000
redis.sessions.cookie_secure = True
redis.sessions.cookie_httponly = True
Example (OSX / Homebrew):
createdb magiclogin_dev
ws-sync-db ws://websauna/magiclogin/conf/development.ini
pserve ws://websauna/magiclogin/conf/development.ini --reload
You can visit:
http://localhost:6543/login
http://localhost:6543/require_login_example_page
First create test database:
# Create database used for unit testing
psql create magiclogin_test
Install test and dev dependencies (run in the folder with setup.py
):
pip install -e ".[dev,test]"
Run test suite using py.test running:
py.test
Please see https://websauna.org/