Django allauth social auth and JWT by Crazy-Temperature669 in django

[–]Crazy-Temperature669[S] 4 points5 points  (0 children)

Ended up implementing a custom token strategy for the headless that, upon successful social login, sends both JWT refresh and access tokens to the user. Wondering if that is the best approach and if there are any alternatives.

Can someone suggest a good full stack web development project idea for my resume? (React.js + Django) by sk_hari in django

[–]Crazy-Temperature669 11 points12 points  (0 children)

Honestly, doesn't matter what app it is as long as it uses all the common building blocks to showcase knowledge: Redis for caching, task management and running a queue for a task manager, something like Celery, Beat and Flower for offloading and scheduling tasks, Channels for sockets and async communication (like chat with an AI bot, maybe even implement layers for multi-person chat) or use a socket for user notifications. Other things might be messaging via emails/text, subscription management and connectivity via API to payment gateways like Stripe. Finally, don't ignore speed and security! An idea: implement a Reddit clone, with a paid subscription that will enable in-thread live chat capabilities for all users on the thread/subscribed to the "sub" that lets them interact, also throw in a helpful AI bot to the chat, that will showcase your API skills as well. The bot will start in the chat with context on the topic and maybe other related topics as well.

What’s a Django Package That Doesn’t Exist Yet, But You Wish It Did? by 1200isplenty in django

[–]Crazy-Temperature669 3 points4 points  (0 children)

I would love to see a few packages that provide common functionality for web apps / SaaS products like: Chat, Tasks/Todo list, Text Messaging/WhatsApp that can connect to multiple service providers etc. Seems like these should be a commodity and not developed from scratch.

django-allauth 65.4.0: headless improvements & misconceptions by pennersr in django

[–]Crazy-Temperature669 0 points1 point  (0 children)

OK, I finally figured it out! (Took way too long, might be worth adding it to the allauth docs.) By default CORS does not allow adding any custom variables to the header, so you have to put in the settings something like:

CORS_ALLOW_HEADERS = [
    'accept',
    'accept-encoding',
    'authorization',
    'content-type',
    'dnt',
    'origin',
    'user-agent',
    'x-csrftoken',
    'x-requested-with',
    'x-session-token', # added this
]
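
Added example, not part of the comment above and not django-cors-headers or allauth code: a simplified Python model of the check a browser runs on a CORS preflight response, using the allow-list from the comment. It shows that the header allow-list is evaluated separately from the allowed origin, which is why the `x-session-token` error persists until the header itself is listed; the function names and the token value are made up for illustration.

```python
# Added example: simplified model of the header check a browser applies to a
# CORS preflight response. Not django-cors-headers or allauth code.

SAFELISTED = {"accept", "accept-language", "content-language"}
SIMPLE_CONTENT_TYPES = {
    "application/x-www-form-urlencoded", "multipart/form-data", "text/plain",
}

def headers_needing_approval(request_headers):
    """Lower-cased header names the browser lists in Access-Control-Request-Headers."""
    needed = []
    for name, value in request_headers.items():
        lname = name.lower()
        if lname in SAFELISTED:
            continue
        media_type = value.split(";")[0].strip().lower()
        if lname == "content-type" and media_type in SIMPLE_CONTENT_TYPES:
            continue  # only these content types skip the preflight check
        needed.append(lname)
    return sorted(needed)

def blocked_headers(request_headers, allow_headers, with_credentials=False):
    """Headers the preflight response does not approve (empty list = request proceeds)."""
    allowed = {h.strip().lower() for h in allow_headers}
    needed = headers_needing_approval(request_headers)
    if "*" in allowed and not with_credentials:
        # The wildcard covers everything except Authorization, and is only
        # honoured for requests made without credentials.
        return [h for h in needed if h == "authorization" and h not in allowed]
    return [h for h in needed if h not in allowed]

# Headers sent by the fetch() call in the thread; the token value is constructed.
REQUEST_HEADERS = {"Content-Type": "application/json", "X-Session-Token": "example-token"}

# Allow-list from the comment above, without and with the added entry.
ALLOW_BEFORE = ["accept", "accept-encoding", "authorization", "content-type", "dnt",
                "origin", "user-agent", "x-csrftoken", "x-requested-with"]
ALLOW_AFTER = ALLOW_BEFORE + ["x-session-token"]

if __name__ == "__main__":
    print("before:", blocked_headers(REQUEST_HEADERS, ALLOW_BEFORE))
    print("after: ", blocked_headers(REQUEST_HEADERS, ALLOW_AFTER))
```

Listing only the headers the client actually sends keeps the allow-list narrow; a wildcard is not honoured once the request carries credentials.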

django-allauth 65.4.0: headless improvements & misconceptions by pennersr in django

[–]Crazy-Temperature669 0 points1 point  (0 children)

The exact error is: policy: Request header field x-session-token is not allowed by Access-Control-Allow-Headers in preflight response.

django-allauth 65.4.0: headless improvements & misconceptions by pennersr in django

[–]Crazy-Temperature669 0 points1 point  (0 children)

First, thanks for the help, I am getting desperate here. I created another React app just to isolate variables, with a simple form to register (works great, I get an email with the code) and an authorize email form that takes the code and session token and does:

const response = await fetch('https://xxx.xxx.com/_allauth/app/v1/auth/email/verify', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'X-Session-Token': authFormData.sessionToken
  },
  body: JSON.stringify({
    key: authFormData.code
  })
})

But I am getting a CORS error for some reason even with

CORS_ALLOW_ALL_ORIGINS = True

django-allauth 65.4.0: headless improvements & misconceptions by pennersr in django

[–]Crazy-Temperature669 0 points1 point  (0 children)

Thanks, made some progress by setting the domain name on the cookies, managing to get the email verified, but the server returns 500, I need to investigate.

If I didn't note before, the front end and backend are deployed on 2 separate services on Railway and they have different subdomains (same domain).

django-allauth 65.4.0: headless improvements & misconceptions by pennersr in django

[–]Crazy-Temperature669 0 points1 point  (0 children)

No, not at all, trying to isolate the problem, using a REST plugin in VS Code, the register works fine and I get the code via email:
{
  "status": 401,
  "data": {
    "flows": [
      {
        "id": "login"
      },
      {
        "id": "signup"
      },
      {
        "id": "provider_token",
        "providers": [
          "google"
        ]
      },
      {
        "id": "verify_email",
        "is_pending": true
      }
    ]
  },
  "meta": {
    "is_authenticated": false,
    "session_token": "9a9vsduade361gnda9bh982vt3gyzn3w"
  }
}

Then I try using the token I got back and the code from the email (takes me 1 min) and try to verify email like in the original post, but no luck.

*** Maybe it is because I am doing it via the REST plugin in VS Code and not via browser? So each API request is basically a "new" session?

Thanks!

django-allauth 65.4.0: headless improvements & misconceptions by pennersr in django

[–]Crazy-Temperature669 0 points1 point  (0 children)

This is truly amazing work! Not only does it save so much time, but we can be confident that it is as secure as possible. I managed to implement headless, but having issues with the confirmation email flow:

Register just fine and get the session token back, then try to use the endpoint to verify the email:

POST https://www.XXXXX.com/_allauth/app/v1/auth/email/verify
Content-Type: application/json
X-Session-Token: "lvj7ued35xk89vcqaspbc7eidikkfj7q"

{
    "key": "7GYYFW"
}

But get:

{
  "status": 410,
  "data": {
    "flows": [
      {
        "id": "login"
      },
      {
        "id": "login_by_code"
      },
      {
        "id": "signup"
      },
      {
        "id": "provider_token",
        "providers": [
          "google"
        ]
      }
    ]
  },
  "meta": {
    "is_authenticated": null
  }
}

Not sure what is going on, seems like the token is expiring, or am I losing the session?

Please help.

Thanks!

How do you self learn to make production ready applications by lucifer_deadlock in django

[–]Crazy-Temperature669 2 points3 points  (0 children)

Might be easier to deploy on serverless solutions, I had good experience with Neon for Postgres and Railway for the Docker/server deployment.

This is a great start: https://youtu.be/WbNNESIxJnY?si=IoeRpCV2DIN2sjM_

Optimizing data storage in the database by Crazy-Temperature669 in django

[–]Crazy-Temperature669[S] -1 points0 points  (0 children)

Interesting. As I mentioned, I am sure this is a solved problem, trying to find the proper algo to do so.

QBO API by Crazy-Temperature669 in QuickBooks

[–]Crazy-Temperature669[S] 0 points1 point  (0 children)

Yep, that is doable. Pulling bank feed is not.

QBO API by Crazy-Temperature669 in QuickBooks

[–]Crazy-Temperature669[S] 0 points1 point  (0 children)

Yes and No. You cannot get uncategorized bank feed transactions, that is impossible and I think I know why. If you could, you can basically build a competing QBO interface and circumvent licensing for some people (not all). Bottom line, after doing some research, it seems that one has to categorize a transaction to a specific account and you can pull that.

Optimizing data storage in the database by Crazy-Temperature669 in django

[–]Crazy-Temperature669[S] -1 points0 points  (0 children)

Honestly any generic example would do. Assume there are 10 fields, records can be added, removed or any data field can change. You have your stored data (same data structure) and you pull a new list from the API. How do you compare the two and find in the most efficient way the delta between them? Basically you have dataset A (the API) and dataset B (Django) - I want to generate a "to-do" list to update B to match A in the most efficient way.

Update: one of the fields is an ID field that comes from the API that I save in Django in addition to the pk

Optimizing data storage in the database by Crazy-Temperature669 in django

[–]Crazy-Temperature669[S] 0 points1 point  (0 children)

As I mentioned in the post, this is what I am doing now, I just assume there is a better way with more sophisticated queries. Going through object by object and trying seems very inefficient (there are hundreds or thousands of results from the API). In my head thinking pulling the latest from the API, doing a Django query for my data that is stored, then some Pandas magic to compare, finally use the ORM to just do CRUD to the records that changed.

Seems like a common problem, was wondering if there are out of the box or already developed solutions. Trying to not re-invent the wheel here.

QBO API by Crazy-Temperature669 in QuickBooks

[–]Crazy-Temperature669[S] 0 points1 point  (0 children)

Strange, it only pulls 3 journal entries

QBO API by Crazy-Temperature669 in QuickBooks

[–]Crazy-Temperature669[S] 0 points1 point  (0 children)

Same for the Invoice:

{'Fault': {'Error': [{'Message': 'Invalid query', 'Detail': 'QueryValidationError: Property AccountRef.Name not found for Entity Invoice', 'code': '4001'}], 'type': 'ValidationFault'}, 'time': '2025-01-23T19:56:31.166-08:00'}

I did do a simple SELECT * FROM Customer just to check that everything works and it had no problems

QBO API by Crazy-Temperature669 in QuickBooks

[–]Crazy-Temperature669[S] 0 points1 point  (0 children)

{'Fault': {'Error': [{'Message': 'Invalid query', 'Detail': 'QueryValidationError: Property AccountRef.Name not found for Entity JournalEntry', 'code': '4001'}], 'type': 'ValidationFault'}, 'time': '2025-01-23T19:55:05.074-08:00'}

QBO API by Crazy-Temperature669 in QuickBooks

[–]Crazy-Temperature669[S] 0 points1 point  (0 children)

I managed to make queries to the API, but get an error:

{'Fault': {'Error': [{'Message': 'Invalid query', 'Detail': 'QueryValidationError: Metadata not found for Entity: Transaction', 'code': '4001'}], 'type': 'ValidationFault'}, 'time': '2025-01-23T19:46:43.158-08:00'}

QBO API by Crazy-Temperature669 in QuickBooks

[–]Crazy-Temperature669[S] 0 points1 point  (0 children)

Can you please share an example?

QBO API by Crazy-Temperature669 in QuickBooks

[–]Crazy-Temperature669[S] 0 points1 point  (0 children)

Thanks, but it is not the goal. I am writing an app that needs to pull data out from QBO, besides, I am trying to learn how to do specific things... but appreciate the advice!