GeoNode Social Accounts¶
Contents
Allow GeoNode to Login throguh Social Accounts (Facebook and Linkedin)¶
Base concepts and objects¶
In order to harmonize the various authentication flows between local accounts and remote social accounts, the whole user registration and authentication codebase has been refactored.
Major changes:
geonode-user-accounts has been retired and is not used anymore. This app was only capable of managing local accounts;
django-allauth has been integrated as a dependency of geonode. It provides a solution for managing both local and remote user accounts. It is now used for dealing with most user registration and auth flows;
django-invitations has also been integrated as a dependency of geonode and is used for managing invitations to new users. This functionality was previously provided by geonode-user-accounts;
django-allauth has been extended in order to provide the following additional features:
Automatically registering an e-mail with a user when the e-mail is used to connect to a social account;
Automatically extract information from the user’s social account and use that to enhance the user’s profile fields on geonode. This was implemented in a pluggable way, allowing custom installs to configure it for other providers;
Allow approval of new registrations by staff members before allowing new users to login. This functionality was previously provided by geonode-user-accounts.
There are now extra sections on the user’s profile to manage connected social accounts and e-mail accounts
![]()
When properly configured, the login and register pages now display the possibility to login with social accounts
![]()
Installation¶
Install the new
allauth
plugin and remove any of the old dependenciespip install -r requirements.txt --upgrade pip install -e . --upgrade --no-cache pip uninstall geonode-user-accounts -y pip uninstall django-user-accounts -yensure sure the DJango model is updated and the templates updated to the
static
folderDJANGO_SETTINGS_MODULE=geonode.local_settings python -W ignore manage.py makemigrations DJANGO_SETTINGS_MODULE=geonode.local_settings python -W ignore manage.py migrate DJANGO_SETTINGS_MODULE=geonode.local_settings python -W ignore manage.py collectstatic --noinputensure that Social Providers are enabled in your
settings
:# prevent signing up by default ACCOUNT_OPEN_SIGNUP = True ACCOUNT_EMAIL_REQUIRED = True ACCOUNT_EMAIL_VERIFICATION = 'optional' ACCOUNT_EMAIL_CONFIRMATION_EMAIL = True ACCOUNT_EMAIL_CONFIRMATION_REQUIRED = True ACCOUNT_CONFIRM_EMAIL_ON_GET = True ACCOUNT_APPROVAL_REQUIRED = True SOCIALACCOUNT_ADAPTER = 'geonode.people.adapters.SocialAccountAdapter' SOCIALACCOUNT_AUTO_SIGNUP = False INSTALLED_APPS += ( 'allauth.socialaccount.providers.linkedin_oauth2', 'allauth.socialaccount.providers.facebook', ) SOCIALACCOUNT_PROVIDERS = { 'linkedin_oauth2': { 'SCOPE': [ 'r_emailaddress', 'r_basicprofile', ], 'PROFILE_FIELDS': [ 'emailAddress', 'firstName', 'headline', 'id', 'industry', 'lastName', 'pictureUrl', 'positions', 'publicProfileUrl', 'location', 'specialties', 'summary', ] }, 'facebook': { 'METHOD': 'oauth2', 'SCOPE': [ 'email', 'public_profile', ], 'FIELDS': [ 'id', 'email', 'name', 'first_name', 'last_name', 'verified', 'locale', 'timezone', 'link', 'gender', ] }, } # Comment out this in case you wont to diable Social login SOCIALACCOUNT_PROFILE_EXTRACTORS = { "facebook": "geonode.people.profileextractors.FacebookExtractor", "linkedin_oauth2": "geonode.people.profileextractors.LinkedInExtractor", }
Configuration¶
Go to GeoNode/Django Admin Dashboard and add the Social Apps you want to configure:
admin/socialaccount/socialapp/

Linkedin

Facebook

Warning
Make sure to add the sites you want to enable.
Usage¶
You need first to create and configure OAuth2 Applications on your Social Providers.
This will require a persoanl or business account, which can access to the
developers
sections of LinkedIn and Facebook and create and configure newApplications
.That account won’t be visibile to the GeoNode users. This is needed only to generate OAuth2
Client ID
andClient Secret
Authorization Keys.In the following sections we will see in details how to configure them for both LinkedIn and Facebook.
LinkedIn Application¶
(ref.: http://django-allauth.readthedocs.io/en/latest/providers.html)
Go to https://www.linkedin.com/developer/apps and select
Create Application

Create a new Company

Fill the informations
Note
The logo must have precise square dimensions

Select the following
Default Application Permissions
Warning
Be sure to select the r_basicprofile
and r_emailaddress
application permissions.

Add OAuth 2.0 Authorized Redirect URLs:
http://geonode.geo-solutions.it/account/linkedin_oauth2/login/callback/ http://geonode.geo-solutions.it/account/linkedin/login/callback/

Save

Take note of the
Authentication Keys

Go to GeoNode/Django admin, Social Applications and select the LinkedIn one
(/admin/socialaccount/socialapp/
)

Cut and Paste the
Client ID
andClient Secret
on the related fields

Save
Facebook Application¶
(ref.: http://django-allauth.readthedocs.io/en/latest/providers.html) (ref.: https://www.webforefront.com/django/setupdjangosocialauthentication.html)
Go to https://developers.facebook.com/apps and Add a
New Application

Create the
App ID
and go to theDashboard


Take note of the
Authentication Keys

Go to GeoNode/Django admin, Social Applications and select the LinkedIn one
(/admin/socialaccount/socialapp/
)

Cut and Paste the
App ID
andSecret Key
on the related fieldsClientID <--> App Id Client Secret <--> Secret Key

Save
Go back to the Facebook Application
Dashboard
and selectSettings

Add your App Domain

Click on
Add Platform

Select
Web Site

Add the
URL

And Save

Go to
Add Product

Select
Facebook Login

Select
Web

Go to
Settings

Make sure
Allow client OAuth
andAccess via OAuth Web
are enabled

Add the valid
redirect URIs
:http://geonode.geo-solutions.it/account/facebook/login/callback/ http://geondoe.geo-solutions.it/account/login/

Save

Login by using Existing Accounts on GeoNode¶
If you want to enable an already existing user account to login through social apps, you need to associate it to social accounts.
Usually this could be done only by the current user, since this operation requires authentication on its social accounts.
In order to do that you need to go to the User Profile Settings
![]()
Click on “Connected social accounts”
![]()
And actually connect them
![]()
![]()