Django-Allauth vs. Django Social Auth vs. Python-Social-Auth

Process Flow of Authentication and Authorization using OAuth 2.0 Protocol :

Fig: Process flow of Authentication through Google using OAuth 2.0

The whole process flow described above involves four steps. Firstly, the OAuth 2.0 credentials like client ID and client secret are obtained from the provide(Google Developers Console in this case) for the web application.  Now, to access any API, one needs to get the access token from the provider using the set of client ID and client Secret . After the user login, the user is asked whether they are willing to grant the permissions that the application is requesting. This process is called user consent. If the user grants the permission, the provider Authorization Server sends  the application an access token (or an authorization code that the application can use to obtain an access token). After the application obtains an access token, it sends the token to the Provider API in an HTTP authorization header. Access tokens have limited lifetimes. If the application needs access to provider's API beyond the lifetime of a single access token, it can obtain a refresh token. A refresh token allows an application to obtain new access tokens.
This is the whole workflow of the authorization using OAuth 2.0 protocol.

Majorly three django packages are used for integrating social authentication. Below, they are described briefly:

Django-allauth:

Codebase: https://github.com/pennersr/django-allauth  

It is an integrated set of Django applications addressing authentication, registration, account management as well as 3rd party (social) account authentication. In simple terms,  it is a combination of simple login and registration along with social authentication system.

Django-Allauth is the most popular Django package used for Authentication purposes. Best thing about it  is that it is available as open source which speeds up the development process due to collaborations with the developers all around the world.

Advantages of Django-allauth:

1. Support for Python 2.6, 2.7 and 3.3
2. Support for Django Version 1.4.3 and above.
3. Supports Social authentication through Dropbox and google using OAuth2.0
4. Supports multiple authentication schemes (e.g. login by user name, or by e-mail)
5. Multiple strategies for account verification (ranging from none to e-mail verification)
6. Support to connect multiple social accounts to a Django user account.
7. Consumer keys, tokens make use of the Django sites framework. This is especially helpful for larger multi-domain projects, but also allows for for easy switching between a development (localhost) and production setup without interfering with your settings and database.
8. Rapidly gaining traction and improving day by day.
9. FAQ page solves most of  the problems related to Django-allauth. Otherwise most problems are solved on StackOverflow under the tag #django-allauth. Also mailing list is also available to solve further issues if any.
10. It is well tested than other Django authentication packages; credits to consistent development work going on.
11. The installation, configuration is easy to get started with.
12. Pre-defined templates are available. Its upto the developer whether he wants to customize them or not.
13. Also, one can easily add the new backends if required.

Disadvantages of django-allauth:

1. While working on it and researching more about it, I found that it has  some documentation gaps that need to be fixed.
2. It can get problematic for beginners since it involves series of small but time-consuming hurdles.

Django Social Auth:

Codebase: https://github.com/omab/django-social-auth

Django Social-auth library is a Django package that was made for the social authentication. But the library is deprecated now and has migrated to Python-social-auth for providing better support to several frameworks and ORMs.

Advantages of Django-Social-Auth:

1. Provides social authentication using OAuth and OpenId mechanism
2. Support for Django, Flask, Pyramid, Webpy frameworks.

Disadvantages of Django-Social-auth:

1. This package is deprecated.
2. No support for Python 3.x
3. Development on its codebase has stopped.
4. Not well documented. It lacks FAQ page for bug fixing.

Python-Social-Auth:

Codebase: https://github.com/omab/python-social-auth

Python social-auth is easy-to-setup authentication system that provides vast support. It supports several frameworks and auth providers. It has migrated from django-social-auth to generalize the package to provide a vast support and implement a common interface to define new authentication providers from third-parties and bring support for more frameworks and ORMs.

Advantages of Python-Social-auth:

1. Provides support for frameworks such as Django, Flask, Webpy, Pyramid and Tornado.
2. Supports Python 3.x
3. Supports social authentication through Dropbox, Google, etc. using OAuth 2.0
4. Frameworks API is provided that ease the implementation to increase the number of frameworks supported.
5. ORMs like SQLAlchemy, Django ORM and Mongoengine are supported
6. Storage API is provided to add support to more ORMs.
7. Multiple social accounts can be associated to a single user.
8. Basic user data population, to allow custom fields values from providers response.

Disadvantages of Python Social-Auth:

1. Not well documented.
2. Newer package. So, we cannot predict the future developments.
3. Lot of issues(98 issues) are listed on Github.

Comparison between the three authentication packages:

Features	Django-Allauth	Django-Social-auth	Python-Social-auth
Commits on Codebase	Regular and fast- developing	No commits made since 6 months.	Regular commits on codebase
Python 3.x Support	YES	NO	YES
Authentication	Simple authentication + Social authentication	Only Social authentication	Only Social authentication
Predefined and customizable Templates	YES	NO	NO
Framework Support	Django	Django, Flask, Webpy, Pyramid and Tornado	Django, Flask, Webpy, Pyramid and Tornado
Total Commits	1072	1611	1384
Development Status	Beta	Beta	Beta
OAuth 2.0 Support	YES	YES	YES
Current Stable Version	0.19.1	0.7.28	0.2.2
Support for Dropbox and Google	YES	YES	YES
Repository Forks	545	735	458
Total no. of Contributors	150	167	148
Repo. watchers	1650	2169	1502

Selecting the Appropriate Package:

The package which does not affects the scalability of the project must be given more weightage among all other packages.

From previous work experience and research on authentication libraries, Django-Allauth turns out to be the most appropriate choice of them all. So. in my view, django-allauth should be used for integration.

Deploying a Django Web Application on AWS Instance

Hi, someone asked me to make a doc for deploying a django application on an AWS instance. So, I am making this blog post for that.

Prerequisite:

1. Ubuntu or any other flavour of Linux

2. Knowledge of Git 

3. A Github/Bitbucket Account and 

4. Obiviously an AWS account

Setting up Account on AWS:

So, first of all you need to have an account on AWS. If you Dont have one then you can create the account by going to the link http://aws.amazon.com and follow the instructions in setting up the account.   

Instance Creation on AWS:

After setting up the account, you need to create an instance of EC2 from your AWS account and you 

will be asked to choose a machine, then choose 64 bit Ubuntu 14.04 HVM. During instance creation, you will be asked to generate the key file for logging on to your instance, then type any name you like and click "Download the File". Keep the file safe since you cannot download it again. 

After downloading the key file(extension is "*.pem") then your instance will be created and it will assigned an IP Address and copy that IP address for the future use. 

Configuring the Instance:

After logging into your AWS Account , you will see a lot of services that are provided by the AWS. From those services, select the first one i.e EC2 CLOUD. Then, in the next screen, wou will see that one instance is running. You would need to configure the  port of the instance by going on to the Security Group that comes on the left side of the AWS console Screen. Click on the security group and then below click at Inbound Option then set TYPE: All Traffic , Protocol: All, Port Range: All.

Finally, you all configured. 

Logging into AWS Instance :

1. Open terminal and type the following command:

sudo ssh -i name_of_key_file.pem ubuntu@Instance_ip_address

for example: sudo ssh -i deshraj.pem ubuntu@54.123.456.78 

          ( Note: i am assuming that the .pem file is there in the home directory)
   
     2. If nothing gets wrong then you will be successfully logged in to your instance. Now you need to install some packages to run your django web application.

     3.  I am listing the packages that you need to install :

            sudo apt-get udpate
            sudo apt-get install python-dev
            sudo apt-get install python-pip
            sudo apt-get install apache2
            sudo apt-get update
            pip install django
      sudo apt-get install libapache2-mod-wsgi
      sudo a2enmod wsgi
      sudo service apache2 restart 

          (Please install the other packages yourself if I would have missed something)
 
     4. After the installation you are good to go and you need to clone your repository of django project.

For Cloning type the following command :
             cd /var/www/
             git clone link_to_git_repository
 for example : git clone https://github.com/DESHRAJ/Youtube-Downloader.git

    5. Now you need to edit the apache config present at /etc/apache2/apache2.conf.

        To edit that file, type the command:
            nano /etc/apache2/apache2.conf

 At the end of this file, add the following lines according to location of your django project :
            

    WSGIScriptAlias / /path/to/mysite.com/mysite/wsgi.py

  WSGIPythonPath /path/to/mysite.com

  <Directory /path/to/mysite.com/mysite>
  <Files wsgi.py>
     Require all granted
  </Files>
  </Directory>

Or if you have problem in changing the .conf file,then follow the tutorial at this link: https://docs.djangoproject.com/en/1.7/howto/deployment/wsgi/modwsgi/

Now you are all done. Just restart the apache2 web server adn you are all done.
Commanfe for restartiing the paache server :
sudo service apache2 restart

Finally you have successfully deployed the django application on AWS instance. :) 

Working on Open Source Projects teaches a lot

I am writing this blog psot in context to the open source projects on which I have worked previously.

Contributions in any Open Source projects teaches a lot to anyone who is willing to code and learn. 

TL;DR

• Don't get confused in participating in any open source project. Just go ahead.
• The developers working on the projects are very helping in nature. They are always ready to help you.
• If you think that you don't know the whole concepts of the particular technology, then start working on any project, it will help you to cover the areas in which you are weak. I have learned this from my experience. 
• So all I want to say is that just start doing it today itself. :) 

I would like to share my experience in Open Source: 

• It was July 2014 and I was working as a Web Developer Intern in TLabs that is one of the top start-up accelerators in India. There I was reading the documentation of Django-allauth and I was configuring the django-allauth in my local repository. There I encountered a problem and then I found a bug :) and reported to my Senior Developer in the company. He then told me about the Open Source Projects and described me that how actually it works and how persons like me can fix this. Then I cloned the repository of django-allauth and made the changes according to me and then made a pull request and after a day my PR was merged. I felt happy for contributing to a big project on which only few developers who are real programmers code. Then I felt that I should start with some organization and start making some contribution to their projects. 

• Later on in Sept 2014, one day I just started making my Online Portfolio using the Impress JS library and while I was reading the docs, I found a documentation error in that and at that moment only I just made the pull request and it was merged successfully. Lastly I was successful in making my portfolio and it is live at http://www.deshraj.in . This encouraged me a lot towards the open source projects.

• After a week, I came to know about the Open Hatch (https://openhatch.org/) , Basically it is a website that helps the new comers in the field of Open Source and helps them in choosing any open source project and lists them the bugs that they can fix for a head start. I just explored the website OpenHatch and wondered that why not I should contribute to OpenHatch ? Then I talked to mentor Asheesh Laroia (https://github.com/paulproteus) and he helped me a lot in getting through the codebase and I fixed some bugs in OpenHatch's ohmainline repository. As the codebase was written in django, I was comfortable with it. 

• In Oct 2014, After fixing some of the bugs in OpenHatch, I moved onto projects in the Mozilla Organization  . Then I started working on Mozilla Fjord that powers http://input.mozilla.org . This project is mainly the feedback system of Mozilla for every product that Mozilla is having. It also involves the analysis of the data recorded from the users. Here I worked on bugs under  mentors WillkG and mythmon and they helped me a lot in fixing the issues. I made mistakes but they corrected me. I was very much happy that I worked under some of the Top Developers of the world(Software Engineers of Mozilla) and they were guiding me to tackle a particular task.  I worked on another project simultaneously named, Mozilla Kitherder, where Yvan Boily mentored me on the bug that I fixed. The bug in this project on whcih I was worked was the best of my all bugs that I have resolved yet since it involved a lot of changes in the codebase.  

• Currently I am working on the Mochitests (A testing framework of Mozilla) where I am mentored by Joel Maher. He is the coolest mentor I ever had. He helped in setting up the whole project repository and helped in setting up the Mozilla Central repository. Currently i am working on some bugs involved in Mochitest. I am thankful to the mentors who helped me in doing such great things and now feel that I should help some students and encourage them to start working on the projects like this.