Tag Archive: openid.

DjangoSites Gets New Shoes

I launched DjangoSites publicly last June, and since then we've had over 1,250 websites submitted to what has become the ultimate directory of Django-powered websites.

The look and feel of the site didn't seem to have the same zing that many of the listed sites had though, so after a quick chat with the ever-creative Martin 'maddiin' Czura he was able to put together a new design that we both think is a great improvement.

The new design is already online at DjangoSites.org, with a few nifty changes as well as the colour scheme such as an improved navigation bar and less cluttered positioning of user account options.

At the same time, the website has been moved to a new VPS with KnownHost. I've been using KnownHost for over a year now and their VPS hosting is fantastic. The support from them has always been helpful, and their prices are very reasonable for what has been a very reliable service.

I updated the TTL for the djangosites.org domain a few weeks back, so by the time this post goes live the new IP address should be accessible to anybody with properly configured DNS servers. I encourage you to do a forced reload (using Ctrl-Reload in Firefox in Windows, I assume it's similar for other browsers) to ensure that the new stylesheet and graphics are loaded.

If you do find yourself getting to the blue design on the old server, you will not be able to submit sites, vote, or leave comments until your ISP realises there has been a change in IP address.

Don't forget, we now have OpenID support so you don't need a username and password to sign up. Since my announcement that OpenID was available a fortnight ago, there have been 44 signups of which 18 have used OpenID exclusively (not including users who added an OpenID to their existing account). It's fantastic to see this type of momentum behind OpenID - it would be interesting to see similar statistics from other websites.

As always, any problems or suggestions can be sent to me at djangosites at djangosites.org. Enjoy!

DjangoSites Gets OpenID Support

OpenID is, in my opinion, critical in the success of an open web. It allows an individual to access websites without providing that website with a password, and it provides a single identity across non-homogeneous websites.

Generally speaking, it also makes the signup process for a website much simpler. Rather than the traditional method of finding a username that isn't yet in use, entering a password, verifying your e-mail address, then selling your firstborn, with a system such as OpenID you simply enter your OpenID Identifier (typically, but not necessarily the web address of your weblog) and click 'Signup'. You then verify your username and password with your OpenID Provider (the only username & password you should have to remember) who returns you to the original website with a token saying "Yep, this really is the guy who says he's rossp.org."

There are plenty of descriptions of how OpenID works, so I won't harp on about it too long. Let's just say that I think it's an important development in today's web.

Django got its first dose of the OpenID 'syrup' from Simon Willison, who released his efforts as django_openidconsumer. This application lets you use OpenID on your website, however it doesn't provide any integration (yet) with the existing Django Authentication framework.

Soon after Simon's release, a number of people provided their own ways of integrating OpenID with Django's auth, including a messy codebase that I wrote. I personally didn't think any of these were ready for the prime-time, so until now I hadn't implemented OpenID on any public Django facing websites.

That changed recently when I came across django_authopenid, written by Benoit Chesneau. His code is much more complete than mine, and with a few minor changes (most of which I've submitted back to the project for others to use) I've been able to very easily add OpenID support to DjangoSites.

As of today, you can continue to use your existing username & password, or you can use OpenID. To use OpenID, simply log in using your OpenID and you'll be given the option to attach your OpenID to an existing account (if you've already signed up with a username & password) or create a new account tied directly to your OpenID (no password required!).

Once you're logged in, there are also a few new user features including easier access to your previously submitted sites, the ability to change your password, and the ability to delete your account entirely if you wish.

OpenID is starting to make more of an impact on various websites. Simon Willison's Django People website already has OpenID support, and I hope others in the Django community follow his excellent lead.

Overdue Catchup

I've had a very busy few months in every way conceivable - everything from my Django projects, to my day job, to life as a whole has been running in fast-forward. Here's a quick summary of the

DjangoSites is coming along very well, with 1040 sites listed as of this evening. The quantity and quality is ever-increasing, and more and more sites are being claimed. There are still well over 300 unclaimed sites - is yours listed there? If so, drop an email with your DjangoSites username to djangosites@djangosites.org.

After a server move late last year my Django OpenID project went offline for a little while. After a handful of requests from the blogosphere I've put it back online - see my original blog posting on the topic for more details, although I'm guessing that Simon Willison has something up his sleeve that'll trump my hack-job soon enough.

Over my Christmas holidays I launched Jutda, the 'corporate' face for my upcoming web projects built with Django. The word Jutda is from the Wagiman language, a dialect spoken by an ever-shrinking Aboriginal tribe in the Northern Territory of Australia. It means show the way, which is something I hope to do with my projects. This is by no means my day job, rather a single name with which to pull together a number of after-hours projects. Hopefully the name starts to mean something within the Django community after a little while :)

The first project to be released by Jutda is WhisperGifts, a service to allow you to publish your wedding gift registry online with minimum fuss. I used it for my wedding almost a year ago with no problems, and it's been used by others before and since with great praise from happily married couples and their guests alike. Of course, it's all built with Django, with a whole host of neat features. When I have a spare evening I'll write up a few more details, but in the mean time check it out and let me know what you think.

Last but not least, I thought I'd bring attention to a simple Django application I wrote a while ago but never 'released' per-se. Django-forum is a simple Forum application for Django, allowing you to leverage your existing templates and user accounts to add discussion-forum capability to your existing project. At least a few people are using it, with a few patches coming from the community to add new functionality. I don't currently have any public sites running it, but keep your eyes peeled.

That's all of my news for now - I've got plenty more to share, however just a little more time is needed to give a few projects some more polish before I go public. Let's just hope my next update isn't another three-months away!

Mixing OpenID into Django's authentication system

NOTE: This code is now outdated, and it's certainly not the best way to do OpenID in Django. I recommend you take a look at django-authopenid, a fantastic registration system that combines Django's authentication framework with OpenID sign-in. Ross, 17th April 2008

According to the OpenID website, from a consumer's point of view OpenID is "the elimination of multiple user names and passwords and a smoother, more secure, online experience." What it provides is a single identity for you to use at multiple websites. Instead of having a username and password for each website you peruse, you have an identity (usually a URL to your blog or an OpenID provider) that you use to log in. The only password you have to remember is that of your OpenID provider - and you don't have to provide your password to any websites you visit.

Simon Willison has been a fantastic campaigner for OpenID, especially for integration with Django. He's written the fantastic django-openidconsumer package which provides the framework for a Django Application to act as an OpenID consumer (that is, people login to your Django app using their OpenID).

Simon's package creates a new OpenID object within your application, but is unrelated to the existing authentication system. So what I've done is mixed some glue to pull together these fantastic standalone applications:

The 'glue' provides a useful process flow for new users to your website. It lets people register with a username/password as they would have before OpenID, lets people log in with OpenIDs, and keeps it all intertwined. The basic functions are as follows:

  • A new user can sign up with a username/password, using django-registration
  • A new user can enter an OpenID, which is authenticated before creating a standard Django user. The account is verified using django-registration's email checker.
  • A user who is already logged in with a username/password can log in again using an OpenID, which is automatically associated with their username
  • A user can log in with either their username/password (if they have one), or with their OpenID(s) (if they have any), and you'll always see them as 'request.user' - the same as if they had signed up with a username/password
  • This gives users a choice when they sign up and lets them change their mind by adding or removing OpenIDs from their account as they wish.
  • Why do e-mail verification when users sign up with an OpenID? Because OpenID doesn't guarantee a user's identity. It's merely a replacement for a username & password. E-mail verification helps cut down on automated registrations, and ensures users are providing you with a valid contact address.
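
The linking rules in the list above, modelled without Django as an added example (this is not the code from the demo or from django-openidconsumer). `AccountStore` and its method names are hypothetical, and the refusal to remove an account's last login method is an added safeguard the post does not describe.

```python
import secrets

class AccountStore:
    """Hypothetical in-memory stand-in for Django users plus OpenID links."""

    def __init__(self):
        self.users = {}    # username -> {"active": bool, "password": bool}
        self.openids = {}  # provider-verified OpenID URL -> username
        self.pending = {}  # e-mail activation key -> username

    def register(self, username, password=True):
        if not username or username in self.users:
            raise ValueError("username missing or taken")
        self.users[username] = {"active": False, "password": password}
        key = secrets.token_urlsafe(16)  # would be e-mailed to the user
        self.pending[key] = username
        return key

    def activate(self, key):
        username = self.pending.pop(key, None)  # keys are single-use
        if username is not None:
            self.users[username]["active"] = True
        return username

    def openid_login(self, identity, session_user=None, new_username=None):
        """Call only after the provider has verified `identity`.
        Returns (outcome, value)."""
        owner = self.openids.get(identity)
        if session_user is not None:  # already logged in: attach to that account
            if owner not in (None, session_user):
                return "conflict", None  # never re-point a claimed OpenID
            self.openids[identity] = session_user
            return "linked", session_user
        if owner is None:  # unknown OpenID: new user, still e-mail gated
            key = self.register(new_username, password=False)
            self.openids[identity] = new_username
            return "created", key
        if not self.users[owner]["active"]:
            return "inactive", None
        return "login", owner  # same user a password login would give

    def remove_openid(self, username, identity):
        if self.openids.get(identity) != username:
            return False
        others = [i for i, u in self.openids.items() if u == username and i != identity]
        if not self.users[username]["password"] and not others:
            return False  # added safeguard: keep at least one way to log in
        del self.openids[identity]
        return True
```

The point to carry into a real backend is that an OpenID is attached only to the account that owns the current session, and an identifier already claimed by another account is rejected rather than silently moved.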

How would I use this in the real world? For sign-ups, I would show one form, clearly divided, asking a user to enter their OpenID if they have one, or otherwise enter their username/password/e-mail address. For logins, show users a username/password box with a link to toggle an OpenID entry field. If the user logs in with an OpenID, set a cookie so you can remember them in the future, showing them the OpenID login by default rather than the Username-driven login. Make it as easy as possible for people to adopt this fantastic technology.

I'm not using this code in a live environment yet, as it needs more testing. However, I've put a testbed online and made the source code available.

I would love it if you could try out this code both on my server and on yours, and provide feedback on the flow from a user's point of view. I plan on cleaning up the code significantly before packaging it into something that is safe to use in a production environment.

The online demo is at http://openid.rossp.org. There is a link to the source code there.

Note: The database isn't accessible via the web, and it's a database set up specifically for this demonstration. I will NOT be extracting lists of usernames, passwords, e-mail addresses, OpenIDs, etc. I may put up some usage statistics later, but certainly nothing identifiable. Please feel safe using this.

