Django-Xero
Xero integration for Django.
Features
This package allows users to authenticate to Xero via a Public App that you have registered on the Xero Developer Portal.
Whenever you want to trigger authentication with Xero, just redirect to the view
xero_auth_start (either directly or via resolve('xero-auth-start') and this package
will do the rest.
The view also accepts an optional nextparameter to control where the user will land
on successful authentication; otherwise it will redirect to /.
Xero sessions last for 30 minutes, but if you want to end them earlier, POST to
the view xero_logout (again with an optional next).
There is also a @xero_required decorator for views, which will automatically
check if an active Xero session is present. If not, it will redirect to an interstitial page
asking the user to do the authentication dance. You can control that page by creating a
custom template xero/interstitial.html (make sure it has a link to xero-auth-start somewhere).
Once authorized, in your view you will get a .xerouser attribute which you can use to do stuff like:
from djxero.decorators import xero_required
@login_required
@xero_required
def my_view(request):
client = request.user.xerouser.client
contacts = client.contacts.all()
...That client is a preconfigured xero.Xero object from pyxero.
Some details will be exposed in User instances under .xerouser, but the Xero mechanisms
are such that it's all pretty meaningless - there is currently no way to know anything about the user
from the xero session alone. For that reason, note that
you must have some other registration mechanism to create a regular Django
user first (e.g. regular login page with some other auth system); this package only extends
that User instance to attach a temporary Xero session.
If your User model has the same email or firstname/lastname as recorded in Xero,
you can try to guess its details with request.user.xerouser.guess_user() and then manually save the ID
in request.user.xerouser.xero_id, but the heuristic is very basic and may or may not work.
Supported Platforms
- Python 3.7 (should work on 3.5/3.6 too, but is untested).
- Django 2
Requirements
django-xero should automatically download all necessary prerequisites, but I like to give credit where credit is due. We stand on the shoulders of the following giants:
Installation
- Install the package
pip install django-xero - Add
encrypted_model_fieldsanddjxerotoINSTALLED_APPSin your settings. Note that the authentication system is required.INSTALLED_APPS = [ 'django.contrib.auth', 'django.contrib.sessions', ... 'encrypted_model_fields', 'djxero', ... ]
- Generate an encryption key:
and add it to your settings. NOTE: in production, you want to store this safely.
python -c 'import base64; import os; print(base64.urlsafe_b64encode(os.urandom(32)))'FIELD_ENCRYPTION_KEY = b'A7c4T1Kx3XmttUjm2cX8ScYcUEdF7RzFziEzfoBO7x4='
- Run migrations to create the necessary objects
python manage.py migrate djxero
- Set the Xero secrets for your public app. You can do this from the admin site (easier),
or directly via
manage.py shell:from djxero.models import XeroSecret consumer_key = XeroSecret.objects.get(pk='xero_consumer_key') consumer_key.value = 'your key' consumer_key.save() consumer_secret = XeroSecret.objects.get(pk='xero_consumer_secret') consumer_secret.value = 'your secret' consumer_secret.save()
- in your project
urls.py, add the following:urlpatterns = [ path('xero/', include('djxero.urls')), ... ]
Issues
For problems, file an issue on GitHub. The author is available for hire (hint hint).
Credits and License
Copyright (c) 2019 Giacomo Lacava.
Released under the terms of the Apache Software License, version 2.
