django-vkontakte-iframe / README.rst


Django app for developing (aka largest, Russian social network) iframe applications.

Handles user authentication and registration.


$ pip install django-vkontakte-iframe


  • django-annoying for AutoOneToOneField


  • vkontakte >= 1.3 for request.vk_api and for populating cities and countries info via admin action.


  1. Register and configure vkontakte iframe application here:

  2. Add your app's settings to

    VK_APP_ID = '1234567'                   # Application ID
    VK_APP_KEY = 'M1gytuHwni'               # Application key
    VK_APP_SECRET = 'MiRFwrDYwcYFCTD18EcY'  # Secure key
  3. Add 'vk_iframe' to INSTALLED_APPS.

  4. Add 'vk_iframe.backends.VkontakteUserBackend' to AUTHENTICATION_BACKENDS:

  5. Put 'vk_iframe.middleware.AuthenticationMiddleware', 'vk_iframe.middleware.IFrameFixMiddleware' and 'vk_iframe.middleware.LoginRequiredMiddleware' to MIDDLEWARE_CLASSES:

        # ...
        # ...
        # ...
        # ...

    Please note that 'vk_iframe.middleware.AuthenticationMiddleware' must be after 'django.contrib.auth.middleware.AuthenticationMiddleware' but before 'django.middleware.locale.LocaleMiddleware'.

    'vk_iframe.middleware.LoginRequiredMiddleware' must be after 'vk_iframe.middleware.AuthenticationMiddleware'.

    Vkontakte visitors will be automatically registered and authorized as django users (username == vkontakte user id).

    LoginRequiredMiddleware is an optional. It returns 403 for all unauthorized requests with urls not listed in settings.PUBLIC_URLS. You should enable it for security reasons. Example of PUBLIC_URLS:


    If i18n is in use then vkontakte user's language will be used as django's user language.

  6. Run python ./ syncdb (or python ./ migrate vk_iframe if South is used)

  7. Optional: load initial geo data (cities and countries):

    python manage loaddata vk-geo
  8. If you want to store more user data then put the following line as the 'First API request' ('Первый запрос к API') option (in your app edit page at

  9. For IE: adjust P3P policy header value according to your site privacy policy by providing VK_P3P_POLICY option in your


    Default value is 'IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'. See for the full set of tags.

  10. That's all. All your app's visitors are now registered and authenticated django users. Additional profile data is available as user.vk_profile. vkontakte.API instance is available as request.vk_api if there is an access token available.

Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.