Introduction to Django 3.0 - Building, Authenticating, and Deploying - Part 2

Thanks for following up on that Vihar!


Could someone help me here?
I followed all the steps in the tutorials/blogs.
Also, I have changed the URLs that they are supposed to be directing to, but it doesn’t work…
This is on a production site.


What tutorial and blog do you mean? Have you followed precisely all the steps mentioned in this article (which is the article of this thread):

Yes, I have followed that blog post you have attached, both part 1 and 2, @konrad.sopala


I am getting this too. I think the document is outdated and needs a re_path or something in urls.py. Followed every step precisely.

Thanks for reporting all that. Tagging @holly for visibility

When I click Log In, I am getting a "Callback URL mismatch. The provided redirect_uri is not in the list of allowed callback URLs." error.

I have http://localhost:8000/complete/auth0/ under the Allowed Callback URLs.

Hmm, it seems that it’s what the blog post suggests. Can you share a screenshot of your allowed callback URLs field?

Hi @konrad.sopala,

Please see the screenshot of the error:

I definitely added the callback URLs for this app:

Also, I have the accurate domain, client id, and client secret keys in my .env file.

Any ideas on what else I can try? Thanks!

Hmm, have you tried putting it after a comma but on one line?

Hi Esther!

I’m new to the setup myself, and I might be wrong here, but I had the same error and used http://127.0.0.1:8000/complete/auth0 instead. It works now.

Hi Shivam,
Thank you for the tip. I tried it but bumped into an error:
AuthMissingParameter at /complete/auth0/ Missing needed parameter state

Did you include a parameter?

Thank you for the reply.
I did try this but I am still seeing the same error.

Hi Esther,

Sorry but I did not add any parameters. I found this documentation that describes the error:

https://readthedocs.org/projects/python-social-auth/downloads/pdf/latest/

Hello,
I’m running into an issue where the JWT cannot be decoded. This occurs in the get_user_details method of the Auth0 Backend file. The actual error returned by the library python-jose is

/python3.7/site-packages/jose/jws.py", line 181, in _load
   signing_input, crypto_segment = jwt.rsplit(b'.', 1)
AttributeError: 'NoneType' object has no attribute 'rsplit'

and it also appears that the line

id_token = response.get('id_token')

returns None. Everything else about the tutorial works as expected, but seemingly the login flow is not working. Any help is much appreciated!


I apologize, I did not correctly follow the tutorial as I did not include the correct set of scopes. In particular, to obtain an id_token during the auth flow, one must include the openid parameter in the set of scopes, per the other answer. My mistake!


No worries! We’ve all been there!

I followed the quickstart at Auth0 Django SDK Quickstarts: Login and then went through the blog Introduction to Django 3.0 - Building, Authenticating, and Deploying - Part 2. Both of these have the same instructions. The problem is neither works for me. After adding all the required changes and code I get an error:
image

The examples use this line of code to get the user info:
auth0user = user.social_auth.get(provider='auth0')

If you are logged in with a standard Django user, this line cannot find the auth0 provider, and Django crashes.

We should be handling this better.

A simple solution would be to check if the user is a social_auth user, and if not, force a logout.

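import json

from django.contrib.auth.decorators import login_required
from django.shortcuts import redirect, render


@login_required
def dashboard(request):
    user = request.user
    # Query for the Auth0 record directly: first() returns None instead of raising
    # DoesNotExist when the user has no social_auth entry for this provider.
    auth0user = user.social_auth.filter(provider='auth0').first()
    if auth0user is not None:
        userdata = {
            'user_id': auth0user.uid,
            'name': user.first_name,
            'picture': auth0user.extra_data['picture'],
            'email': auth0user.extra_data['email'],
        }

        return render(request, 'dashboard.html', {
            'auth0User': auth0user,
            'userdata': json.dumps(userdata, indent=4)
        })
    else:
        # If we are logged in as a native Django user, force a logout so that user can log in using Auth0
        # (logout is the logout view, assumed to be defined elsewhere in this views.py)
        return redirect(logout)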

We might need to do this on all pages that require an authenticated user, so maybe there is a better place to put this check?
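
One possible place for the check asked about above, as an added example that is not part of the original post or the Auth0 tutorial: a view decorator that looks up the Auth0 record once, attaches it to the request, and otherwise hands the request to a fallback. The names auth0_required and request.auth0user, and the URL name "logout", are assumptions made for this sketch.

```python
from functools import wraps


def _redirect_to_logout(request):
    # Imported lazily so the decorator can be exercised without Django installed.
    from django.shortcuts import redirect
    # Assumption: the project has a URL pattern named "logout".
    return redirect("logout")


def auth0_required(view=None, *, provider="auth0", on_missing=_redirect_to_logout):
    """Run the view only for users that have a social_auth record for `provider`.

    The record is stored on request.auth0user (hypothetical attribute name) so
    the view does not repeat the lookup. Any other user, including a native
    Django user or one linked only to a different provider, goes to on_missing.
    """
    def decorator(func):
        @wraps(func)
        def wrapper(request, *args, **kwargs):
            user = request.user
            record = None
            if user.is_authenticated:
                # filter().first() yields None rather than raising DoesNotExist.
                record = user.social_auth.filter(provider=provider).first()
            if record is None:
                return on_missing(request)
            request.auth0user = record
            return func(request, *args, **kwargs)
        return wrapper

    # Support both @auth0_required and @auth0_required(on_missing=...).
    return decorator(view) if callable(view) else decorator
```

Stacked under @login_required on each view that needs the Auth0 profile, this keeps the provider check in one place instead of repeating the if/else in every view.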

@robertino.calcaterra would you be able to help on this one? Thank you!
