python django django-rest-framework bankid

Integrating BankID (Swedish authentication service) into Python in Django to login

I'm pretty new to Django, but here goes.

I want to integrate a third party verification service in my web app with Django, specifically BankID.
BankID is a citizen identification solution that allows companies, banks and governments agencies to authenticate and conclude agreements with individuals over the Internet in Sweden.

BankID should be used as login verification (BankID & Mobile BankID), see example website: https://e-tjanster.1177.se/mvk/login/login.xhtml

I have read their developer guide: https://www.bankid.com/assets/bankid/rp/bankid-relying-party-guidelines-v3.4.pdf

But I want to do this through Django. Django has a rest frame work, that I've been trying to use, but with no success: https://www.django-rest-framework.org/

Sample code of applied bankID in Python not through Django (I want to apply this below in Django): https://github.com/fiso/smooth-bankid/blob/master/README.md https://github.com/fiso/smooth-bankid/tree/master/examples/python

My webapp: https://defreitasbolaget.herokuapp.com

My Requirement.txt file is:

boto3==1.9.96
botocore==1.12.96
certifi==2018.10.15
cffi==1.14.1
chardet==3.0.4
cryptography==3.0
dj-database-url==0.5.0
Django==2.1
django-crispy-forms==1.7.2
django-heroku==0.3.1
django-storages==1.7.1
docutils==0.14
gunicorn==19.9.0
idna==2.7
jmespath==0.9.3
Pillow==5.2.0
psycopg2==2.7.7
pycparser==2.20
pyOpenSSL==19.1.0
python-dateutil==2.8.0
pytz==2018.5
requests==2.19.1
s3transfer==0.2.0
six==1.12.0
urllib3==1.23
whitenoise==4.1.2

Concluding: I want to integrate BankID (Swedish version) into my Django Python Application. What is the best way to do this? Any help is appreciated.

Solution

you need:

to write your custom User model to integrate BankID and override the default one via AUTH_USER_MODEL in settings.py

refer to https://docs.djangoproject.com/en/2.2/topics/auth/customizing/#substituting-a-custom-user-model

and have a closer look at AbstractUser in https://github.com/django/django/blob/master/django/contrib/auth/models.py

to write your custom authentication backend and override the default one via AUTHENTICATION_BACKENDS in settings.py

refer to https://docs.djangoproject.com/en/3.1/topics/auth/customizing/

and also have a closer look at ModelBackend in https://github.com/django/django/blob/master/django/contrib/auth/backends.py

but the best approach in my opinion would be implementing BankID authentication as a 3rd Django extension / package and keep updating it independently.

Update

refer to this project https://pypi.org/project/pybankid/

PyBankID is a client for providing BankID services as a Relying Party, i.e. providing authentication and signing functionality to end users. This package provides a simplifying interface for initiating authentication and signing orders and then collecting the results from the BankID servers.

and this project https://pypi.org/project/Flask-PyBankID/

A Flask extension for using PyBankID on your site.

to get the idea and port it to django.