Quickstart¶
There is a @xero_required
decorator for views, which will automatically
check if an active Xero session is present. If not, it will redirect to an interstitial page
asking the user to do the authentication dance. You can control that page by creating a
custom template xero/interstitial.html
(make sure it has a link to xero-auth-start
somewhere).
Once authorized, in your view you will get a .xerouser attribute which you can use to do stuff like:
from djxero.decorators import xero_required
@login_required
@xero_required
def my_view(request):
client = request.user.xerouser.client
contacts = client.contacts.all()
...
That client is a preconfigured xero.Xero
object from pyxero.
Whenever you want to manually trigger authentication with Xero, just redirect to the view
xero-auth-start
and this package will do the rest.
The view accepts an optional next
parameter to control where the user will land
on successful authentication; otherwise it will redirect to /
.
Xero sessions last for 30 minutes, but if you want to end them earlier, POST to
the view xero-logout
(again with an optional next
).
Some details will be exposed in User
instances under .xerouser
, but Xero mechanisms
are such that it’s all pretty meaningless - there is currently no way to know anything about the user
from the Xero session alone. For that reason, note that you must have some other registration mechanism to
create a regular Django user first (e.g. regular login page with some other auth system); this package only extends
that User
instance to attach a temporary Xero session.