I'm developing a back-end for a mobile application and I kind of struggle (hard) to get my mind clear now on how to handle the authentication with social accounts.
Currently, I use rest_framework.authentication.OAuth2Authentication, so the mobile app sends all requests with the OAuth2 token and it works all OK.
However, in my app I will need to connect the user app with different services (FB, Google, Linkedin etc) and request those from the server. I did this with some ad-hoc code for tests, but now I wanted something clean.
I need 2 things:
- ability to associate different social accounts to user account
- ability to log-in with social accounts (no sign-up with social accounts)
I have taken a look at python-social-auth and it seems to do just that, but I don't see how I can make it work with DRF. For instance, I don't use sessions. If my understanding is good, in Django it's the login() function that attaches the user attribute to the request (and creates / updates the current session). In DRF it's done in the authentication back-end, without the use of sessions right ?
Have somebody been able to use those two together ?