Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to implement single sign-on django auth in azure ad?

I have a django-based web application, a client requested that we integrate the login with Azure AD, following the documents I managed to integrate with the following flow. In django the user types only the email, I identify the user and his company and redirect him to the microsoft ad login screen, after login, the redirect uri is activated and in my view I do some validations and authenticate the user on my system. The problem is that every time the customer is going to log in he needs to enter his credentials in azure, would it be possible with the microsoft user_id or the token acquired the first time the user logs in to login? Or another way to log in faster?

This my callback view, called in redirect_uri:

def callback(request):
    user_id = request.session.pop('user_id', '')
    user_internal = User.objects.filter(id=user_id).first()
    company_azure = CompanyAzureAd.objects.filter(company=user_internal.employee.firm).first()
    # Get the state saved in session
    expected_state = request.session.pop('auth_state', '')
    # Make the token request
    url = request.build_absolute_uri(request.get_full_path())
    token = get_token_from_code(url, expected_state, company_azure)

    # Get the user's profile
    user = get_user(token) #in this moment i have user microsoft profile, with token and id

    # Save token and user
    store_token(request, token)
    store_user(request, user)
...

if it is possible to login I could store the token or user id in microsoft in my database, so it would only be necessary to login once

like image 634
GustavoNogueira Avatar asked Jul 19 '20 15:07

GustavoNogueira


1 Answers

I think this is already answered here

Also try this ADFS Authentication for Django

Even you can try the library in python

Django Microsoft Authentication Backend

like image 73
manas dash Avatar answered Sep 29 '22 21:09

manas dash