-
Notifications
You must be signed in to change notification settings - Fork 5
Scope
cs.auth.facebooks wants to provide a PAS plugin to authenticate in Plone using Facebook. To achieve that, provides a PAS plugin that implements the following PAS Plugins:
The login view redirects the user to Facebook and does the full Oauth authentication process and stores in the session (provided by collective.beaker) the information about the login. The implementation of this plugin inspects the session to check whether there is FaceBook authentication information, if so it returns the information.
We basically trust our session data, so if the session contains a user, we treat them as authenticated. Other systems may have more stringent needs, but we should avoid an expensive check here, as this method may be called very often - at least once per request.
This plugin handles the logout, to do so it just destroys the session data.
Returns the basic metadata about the specified user using Facebook API.
This plugin will return that the user has 'Member' role.
Option 1: This plugin will return the user information if there's a user in Plone's membership_tool with the id of the provided user.
Option 2: This plugin will check with Facebook API if the user exists
It will create an instance of FacebookUser (basically a PropertiedUser, but implementing a custom interface
This plugin won't create a user profile in Plone for the user, it will just authenticate the user using Facebook Authentication mechanism.
To create a user profile in Plone using Facebook authnetication, we suggest to do the following:
- Deactivate IPropertiesPlugin in acl_users to avoid bringing data from Facebook.
- Create a subscriber for (IFacebookUser, IUserInitialLoginInEvent) to add data coming from Facebook to Plone.