我们通过GitHub上的几个代码实现来将Disqus SSO集成到我们的Django网站中。我们的要求是一个简单的,我们用它下面的工作流程:
在disqus.py:
import base64
import hashlib
import hmac
import json as simplejson
import time
DISQUS_SECRET_KEY = 'SECRET KEY FROM API'
DISQUS_PUBLIC_KEY = 'PUBLIC KEY FROM API'
def get_disqus_sso(user_id=None, username=None, email=None):
if user_id:
user_data = {
'id': user_id,
'username': username,
'email': email,
}
else:
user_data = {}
# create a JSON packet of our data attributes
data = simplejson.dumps(user_data)
# encode the data to base64
message = base64.b64encode(data)
# generate a timestamp for signing the message
timestamp = int(time.time())
# generate our hmac signature
sig = hmac.HMAC(DISQUS_SECRET_KEY,
'%s %s' % (message, timestamp), hashlib.sha1).hexdigest()
# return a script tag to insert the sso message
return """<script type="text/javascript">
var disqus_config = function() {
this.page.remote_auth_s3 = "%(message)s %(sig)s %(timestamp)s";
this.page.api_key = "%(pub_key)s";
this.sso = {
name: "Screener Talks",
button: "http://www.screener.in/static/img/social/disqus.png",
url: "http://www.screener.in/register/",
logout: "http://www.screener.in/logout/",
};
}
</script>""" % dict(
message=message,
timestamp=timestamp,
sig=sig,
pub_key=DISQUS_PUBLIC_KEY,
)
在views.py:
def _get_disqus_sso(user):
if user.is_authenticated():
disqus_sso = get_disqus_sso(
user.id,
user.display_name,
user.email,)
else:
disqus_sso = get_disqus_sso()
return disqus_sso
def some_view(request):
...
disqus_sso = _get_disqus_sso(request.user)
return render(request, "template.html", {"disqus_sso": disqus_sso})
而且在template.html:
<div id="disqus_thread"></div>
<script type="text/javascript">
var disqus_shortname = 'SITESHORTNAME';
var disqus_identifier = 'POST ID';
var disqus_title = 'POST TITLE';
/* * * DON'T EDIT BELOW THIS LINE * * */
(function() {
var dsq = document.createElement('script'); dsq.type = 'text/javascript'; dsq.async = true;
dsq.src = '//' + disqus_shortname + '.disqus.com/embed.js';
(document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0]).appendChild(dsq);
})();
</script>
<noscript>Please enable JavaScript to view the <a href="http://disqus.com/?ref_noscript">comments powered by Disqus.</a></noscript>
<a href="http://disqus.com" class="dsq-brlink">comments powered by <span class="logo-disqus">Disqus</span></a>
{{ disqus_sso|safe }}
大部分代码来自GitHub上的各种片段,但不幸的是我找不到确切的来源。这可能会有所帮助,但:https://github.com/jumoconnect/openjumo/blob/master/jumodjango/lib/disqus.py
感谢您的响应..它看起来像X-Disqus-Remote-Auth和X-Disqus-Publisher-API-Key不在标头中? – Lee
这意味着有效载荷永远不会将它传递给我们的服务器来进行考虑。如果在嵌入代码之后放置'var disqus_config',它会起作用吗? –
不好运气:(..你有任何其他想法。我建立一个为Disqus支持的例子,但我不断得到通用的回复。 – Lee