I am using python-social-auth for login and to create a user profile. Unlike the profile example here which creates the profile at the end of the pipeline, my app shouldn't allow creating the user without a profile. I followed the Django example provided in github source, so I have a partial pipeline which requires the profile and displays a Django form after authentication is successful.
SOCIAL_AUTH_PIPELINE = (
'social.pipeline.social_auth.social_details',
'social.pipeline.social_auth.social_uid',
'social.pipeline.social_auth.auth_allowed',
'social.pipeline.social_auth.social_user',
'social.pipeline.user.get_username',
'accounts.pipeline.require_profile',
'accounts.pipeline.create_user_profile',
'social.pipeline.social_auth.associate_user',
'social.pipeline.debug.debug',
'social.pipeline.social_auth.load_extra_data',
'social.pipeline.user.user_details',
#'social.pipeline.debug.debug'
)
The partial pipeline redirect to the view which renders the login and the profile form. Here is the code in the view which checks if the form is valid and then completes the pipeline.
if profile_form.is_valid():
request.session['form_data'] = profile_form.cleaned_data
...
return redirect('social:complete', backend=backend)
The form contains a mix of CharFields and ModelMultipleChoiceField/ModelChoiceField, and when I try to set the form data in the session, I got a type error as the dict is not serializable:
Type Error: <Model: object> is not JSON serializable.
When I read about it and tried 'django.contrib.sessions.serializers.PickleSerializer', it worked fine. But I am reluctant to use it after reading about it's performance and security issues.
I am new to Python-social-auth and this might not be the best approach to do it. I wonder if there is a way to pass the form data to the pipeline, without writing a custom serializer, so as to save the user and profile.
Thanks for any help.
Edit
How I handled this is by having the profile form submission redirect to the pipeline(partial) and not the view. In the pipeline, I used request_data when the request is POST and validated the form, and set the profile form data in the details dict. Probably not the best solution but it did the job for me)
