How to effectively use django-sso for Single Sign On

by

Am using django-sso package for SSO(Single Sign On), i have installed it and set the configuration by following the documentation and everything seems to work well. But my questions now is

  1. According to the documentation, to get additional fields on the client side, we put this line of code in the Server settings.py .
# SSO settings section in the gateway side are optional
SSO = {
    # Timeout for the communication with subordinated services. (OPTIONAL)
    # This timeout is defined in seconds with a default value of 0.1s 
    # (100ms) per registered service.
    'SUBORDINATE_COMMUNICATION_TIMEOUT': 0.1,
    
    # Additional fields. (OPTIONAL). For more details look to part
    # named as "Send additional data to subordinated services"
    'ADDITIONAL_FIELDS': ('first_name', 'last_name', 'phone_number'),
}

So my question is how can i get these first_name, last_name and phone_number on the client side

  1. How can i make the login page more secure by adding Multi factor Authentication like Kagi or django-mfa
  2. How can i add Social Auth to work with it

**What i have tried **

In my server settings.py, i added

# SSO settings section in the gateway side are optional
SSO = {
    # Timeout for the communication with subordinated services. (OPTIONAL)
    # This timeout is defined in seconds with a default value of 0.1s 
    # (100ms) per registered service.
    'SUBORDINATE_COMMUNICATION_TIMEOUT': 0.1,
    
    # Additional fields. (OPTIONAL). For more details look to part
    # named as "Send additional data to subordinated services"
    'ADDITIONAL_FIELDS': ('first_name', 'last_name', 'phone_number'),
}

And on my client template i did request.user.first_name, but am not getting the user first name.

The documentation actually give url to check for the information sent to the client, that is sso/debug/update_event/, i check it and i saw

{
   "fields": {
      "is_active": true,
      "is_staff": false,
      "is_superuser": false,
      "user_identy": "[email protected]",
      "first_name": "James",
      "last_name": "Mike",
      "phone_number": "+52222222222223"
   }
}

But on my client side am getting only the user email, by doing request.user.username, if i do request.user.email it will not work.

Leave a Comment