Easy to use JWT with 3rd party login.
Project description
Django Simple 3rd Party JWT
This is a simple tool for 3rd party login with JWT.
Installation
pip install django-simple-third-party-jwt
Check it on PyPI.
Quick Start
Backend
- Add django_simple_third_party_jwt to your INSTALLED_APPS in settings.py like this:
INSTALLED_APPS = [
    ...
    'django_simple_third_party_jwt',
]
- Add APP settings to your settings.py like this:
from datetime import timedelta

# -------------- START - CORS Setting --------------
# Development values: every origin is allowed and credentials are accepted.
CORS_ALLOW_ALL_ORIGINS = True
CORS_ALLOW_CREDENTIALS = True
CSRF_TRUSTED_ORIGINS = [
    "http://*.127.0.0.1",
    "http://localhost",
]
# -------------- END - CORS Setting -----------------

# -------------- Start - SimpleJWT Setting --------------
SIMPLE_JWT = {
    # 3600 minutes is 60 hours, longer than the 1-day refresh token below.
    "ACCESS_TOKEN_LIFETIME": timedelta(minutes=3600),
    "REFRESH_TOKEN_LIFETIME": timedelta(days=1),
    "ROTATE_REFRESH_TOKENS": False,
    "BLACKLIST_AFTER_ROTATION": False,
    "UPDATE_LAST_LOGIN": False,
    # HS256 is symmetric: the signing key (Django's SECRET_KEY here) also verifies tokens.
    "ALGORITHM": "HS256",
    "SIGNING_KEY": SECRET_KEY,
    "VERIFYING_KEY": None,
    "AUDIENCE": None,
    "ISSUER": None,
    "JWK_URL": None,
    "LEEWAY": 0,
    "AUTH_HEADER_TYPES": ("Bearer",),
    "AUTH_HEADER_NAME": "HTTP_AUTHORIZATION",
    "USER_ID_FIELD": "id",
    "USER_ID_CLAIM": "user_id",
    "USER_AUTHENTICATION_RULE": "rest_framework_simplejwt.authentication.default_user_authentication_rule",
    "AUTH_TOKEN_CLASSES": ("rest_framework_simplejwt.tokens.AccessToken",),
    "TOKEN_TYPE_CLAIM": "token_type",
    "TOKEN_USER_CLASS": "rest_framework_simplejwt.models.TokenUser",
    "JTI_CLAIM": "jti",
    "SLIDING_TOKEN_REFRESH_EXP_CLAIM": "refresh_exp",
    "SLIDING_TOKEN_LIFETIME": timedelta(minutes=5),
    "SLIDING_TOKEN_REFRESH_LIFETIME": timedelta(days=1),
}
# -------------- END - SimpleJWT Setting --------------

# -------------- START - Google Auth Setting --------------
SECURE_REFERRER_POLICY = "no-referrer-when-downgrade"
# SECURE_CROSS_ORIGIN_OPENER_POLICY = "same-origin-allow-popups"
SECURE_CROSS_ORIGIN_OPENER_POLICY = None
SOCIAL_GOOGLE_CLIENT_ID = (
    "376808175534-d6mefo6b1kqih3grjjose2euree2g3cs.apps.googleusercontent.com"  # Test client ID used with `localhost:8000`.
)
LOGIN_REDIRECT_URL = "/"
VALID_REGISTER_DOMAINS = ["gmail.com"]  # Only these domains can log in.
# --------------- END - Google Auth Setting -----------------
- Include the django_simple_third_party_jwt URL settings in your project urls.py like this:
from django.conf import settings
from django.urls import include, path

urlpatterns += [
    # google login
    path("api/auth/google/", include("django_simple_third_party_jwt.urls")),
]
You also need to include JWT settings in your urls.py.
# --------------- JWT
from rest_framework_simplejwt.views import (
    TokenVerifyView, TokenObtainPairView, TokenRefreshView
)

urlpatterns += [
    path("api/auth/token", TokenObtainPairView.as_view(), name="token_get"),
    path("api/auth/token/refresh", TokenRefreshView.as_view(), name="token_refresh"),
    path("api/auth/token/verify", TokenVerifyView.as_view(), name="token_verify"),
]
# ---------------------------------
- Migrate and test on your server.
  - Migrate
    python manage.py migrate django_simple_third_party_jwt
  - Test
    python manage.py runserver
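The quick-start settings above are development values. As an added example (not part of the package or its README), the check below audits a settings dict for the combinations that matter before deployment; `audit_settings`, the 15-minute `max_access` limit and the `HARDENED` values with their `app.example.com` origin are assumptions made for illustration.

```python
from datetime import timedelta

# Constructed copy of the quick-start values from this page.
QUICK_START = {
    "CORS_ALLOW_ALL_ORIGINS": True,
    "CORS_ALLOW_CREDENTIALS": True,
    "CSRF_TRUSTED_ORIGINS": ["http://*.127.0.0.1", "http://localhost"],
    "SIMPLE_JWT": {
        "ACCESS_TOKEN_LIFETIME": timedelta(minutes=3600),
        "REFRESH_TOKEN_LIFETIME": timedelta(days=1),
        "ROTATE_REFRESH_TOKENS": False,
        "BLACKLIST_AFTER_ROTATION": False,
    },
}

# Constructed tightened variant; app.example.com is a placeholder origin.
HARDENED = {
    "CORS_ALLOW_ALL_ORIGINS": False,
    "CORS_ALLOWED_ORIGINS": ["https://app.example.com"],
    "CORS_ALLOW_CREDENTIALS": True,
    "CSRF_TRUSTED_ORIGINS": ["https://app.example.com"],
    "SIMPLE_JWT": {
        "ACCESS_TOKEN_LIFETIME": timedelta(minutes=5),
        "REFRESH_TOKEN_LIFETIME": timedelta(days=1),
        "ROTATE_REFRESH_TOKENS": True,
        "BLACKLIST_AFTER_ROTATION": True,
    },
}


def audit_settings(cfg, max_access=timedelta(minutes=15)):
    """Return (setting, finding) pairs; max_access is an assumed policy limit."""
    findings = []
    jwt = cfg.get("SIMPLE_JWT", {})
    access = jwt.get("ACCESS_TOKEN_LIFETIME", timedelta(minutes=5))
    refresh = jwt.get("REFRESH_TOKEN_LIFETIME", timedelta(days=1))
    if cfg.get("CORS_ALLOW_ALL_ORIGINS") and cfg.get("CORS_ALLOW_CREDENTIALS"):
        findings.append(("CORS_ALLOW_ALL_ORIGINS", "any origin may send credentialed requests"))
    for origin in cfg.get("CSRF_TRUSTED_ORIGINS", []):
        if not origin.startswith("https://"):
            findings.append(("CSRF_TRUSTED_ORIGINS", f"{origin} is not HTTPS (development only)"))
    if access > max_access:
        findings.append(("ACCESS_TOKEN_LIFETIME", f"{access} exceeds policy limit {max_access}"))
    if access >= refresh:
        findings.append(("ACCESS_TOKEN_LIFETIME", "access token outlives the refresh token"))
    if jwt.get("ROTATE_REFRESH_TOKENS") and not jwt.get("BLACKLIST_AFTER_ROTATION"):
        findings.append(("BLACKLIST_AFTER_ROTATION", "rotated refresh tokens are not revoked"))
    return findings
```

BLACKLIST_AFTER_ROTATION only takes effect when rest_framework_simplejwt.token_blacklist is listed in INSTALLED_APPS.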
Frontend
Make sure {{ social_google_client_id }} is the same in the meta tags and in your HTML page.
- Meta
<meta name="google-signin-scope" content="profile email" />
<meta name="google-signin-client_id" content="{{ social_google_client_id }}" />
<script src="https://accounts.google.com/gsi/client" async defer></script>
- HTML
<li>
  <div id="g_id_onload"
       data-client_id="{{ social_google_client_id }}"
       data-callback="get_jwt_using_google_credential"></div>
  <div class="g_id_signin" data-type="standard" data-size="large" data-theme="outline"
       data-text="sign_in_with" data-shape="rectangular" data-logo_alignment="left">
  </div>
</li>
- Javascript
You can use this script to get the credential token from Google and verify it by calling our custom 3rd party API.
<script>
  function get_jwt_using_google_credential(data) {
    const credential = data.credential;
    // Exchange the Google credential for this site's JWT pair.
    $.ajax({
      method: "POST",
      url: "/api/auth/google/token",
      data: { credential: credential },
    }).done(function (data) {
      const access_token = data.access;
      const refresh_token = data.refresh_token;
      // Tokens kept in localStorage are readable by any script running on this origin.
      localStorage.setItem("access", access_token);
      localStorage.setItem("refresh", refresh_token);
      console.log("Google Login");
      // Check the new access token against the verify endpoint.
      $.ajax({
        type: "POST",
        url: "/api/auth/token/verify",
        data: { token: access_token },
        headers: {
          Authorization: "Bearer" + " " + access_token,
        },
        success: function (data) {
          var json_string = JSON.stringify(data, null, 2);
          if (json_string) {
            console.log("Token verified successfully!");
          }
        },
        error: function (data) {
          var result = "please login " + data.responseText;
          console.log(result);
        },
      });
    });
  }
</script>
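The credential posted by this script is a Google ID token, and the server must not trust its claims until they are checked against SOCIAL_GOOGLE_CLIENT_ID and VALID_REGISTER_DOMAINS. The sketch below is an added example, not the package's own code (its implementation is not shown on this page): `check_google_claims` is a hypothetical helper that assumes signature and expiry were already verified by a library such as google-auth's `id_token.verify_oauth2_token`, and the sample claim sets are constructed.

```python
# Values from the settings shown earlier on this page.
SOCIAL_GOOGLE_CLIENT_ID = "376808175534-d6mefo6b1kqih3grjjose2euree2g3cs.apps.googleusercontent.com"
VALID_REGISTER_DOMAINS = ["gmail.com"]
GOOGLE_ISSUERS = ("accounts.google.com", "https://accounts.google.com")


def check_google_claims(claims, client_id=SOCIAL_GOOGLE_CLIENT_ID,
                        domains=VALID_REGISTER_DOMAINS):
    """Return (ok, reason) for claims whose signature and expiry are already verified."""
    if claims.get("iss") not in GOOGLE_ISSUERS:
        return False, "unexpected issuer"
    # A token minted for another Google client must not log anyone in here.
    if claims.get("aud") != client_id:
        return False, "issued to a different client"
    if not claims.get("sub"):
        return False, "missing subject"
    # Require a real boolean: the string "false" would pass a plain truthiness test.
    if claims.get("email_verified") is not True:
        return False, "email not verified"
    # Compare the whole domain after the last "@", case-insensitively;
    # a suffix or substring test would accept look-alike domains.
    local, sep, domain = (claims.get("email") or "").rpartition("@")
    if not sep or not local or domain.lower() not in {d.lower() for d in domains}:
        return False, "email domain not allowed"
    return True, "ok"


# Constructed claim sets (not real tokens).
GOOD = {"iss": "https://accounts.google.com", "aud": SOCIAL_GOOGLE_CLIENT_ID,
        "sub": "100000000000000000001", "email": "Alice@GMAIL.com",
        "email_verified": True}
SAMPLES = {
    "good": GOOD,
    "other_client": {**GOOD, "aud": "another-app.apps.googleusercontent.com"},
    "lookalike_domain": {**GOOD, "email": "mallory@gmail.com.evil.example"},
    "unverified": {**GOOD, "email_verified": "false"},
    "wrong_issuer": {**GOOD, "iss": "https://accounts.example.net"},
}

if __name__ == "__main__":
    for name, claims in SAMPLES.items():
        print(name, check_google_claims(claims))
```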
Example
Run example backend
You can see the example in ./example/
git clone https://github.com/NatLee/Django-Simple-3rd-Party-JWT
cd Django-Simple-3rd-Party-JWT/example/django_simple_third_party_jwt_example/
pip install -r requirements.txt
python manage.py makemigrations && python manage.py migrate
python manage.py runserver
If you need a superuser, run:
python manage.py createsuperuser
Visit example frontend
Open a browser and visit localhost:8000.
There are several URL routes available in this example.
api/auth/google/
api/__hidden_admin/
api/__hidden_dev_dashboard/
api/auth/token [name='token_get']
api/auth/token/refresh [name='token_refresh']
api/auth/token/verify [name='token_verify']
^api/__hidden_swagger(?P<format>\.json|\.yaml)$ [name='schema-json']
^api/__hidden_swagger/$ [name='schema-swagger-ui']
^api/__hidden_redoc/$ [name='schema-redoc']
- Dev Dashboard
First, visit the testing dashboard at http://localhost:8000/api/__hidden_dev_dashboard/.
You can find Google Login in the top right corner. Click it.
When you log in, you will see a hint.
If you want to filter domains with Google Login, feel free to check VALID_REGISTER_DOMAINS in settings.py.
Once you log in with Google, your account ID will be recorded in the database.
See more login information in the social_account table in the database.
id | provider | unique_id | user_id |
---|---|---|---|
1 | | 100056159912345678 | 1 |
- Swagger
You can also see all API information at http://localhost:8000/api/__hidden_swagger/.
More
Check https://developers.google.com/identity/gsi/web/guides/overview for more information about the Google Login API.
Hashes for django-simple-third-party-jwt-0.0.4.tar.gz
Algorithm | Hash digest |
---|---|
SHA256 | 9a08637189ac15b58f9e4fd35f9412b6ac9ed499fa609f085ab5b38c70e2b61d |
MD5 | 03c1d287397e144eb2d6aa2ffe33e673 |
BLAKE2b-256 | f553b1c11c2cbbb977dacf286d66f6871387b52e926781f75944d5210c2e5bca |
Hashes for django_simple_third_party_jwt-0.0.4-py3-none-any.whl
Algorithm | Hash digest |
---|---|
SHA256 | 6841625ed4a8399b5dea1732e1fec25a6604b38de8b1c1b6acd0f0c040a9c5d4 |
MD5 | 63fde6ceb5ead2d3f6c613b49883f95c |
BLAKE2b-256 | a1bc13e7d76dc1d1b2c69cf5d8956492ee21b4f2ad9b8730ff0147d7f61a3d06 |