Django 使用 Allauth 进行休息验证 [英] Django rest auth with Allauth

问题描述

我已经使用 Allauth 实现了 django rest auth，如果我通过 google access_token 登录，它工作正常，但是有些客户端设备需要通过 google id_token 登录.如果我使用 id_token 而不是 access_token

I have implemented django rest auth with Allauth and its working fine if I login through google access_token but there is a case when some client device need to login by google id_token. I am getting error if I use id_token instead of access_token

{
  "non_field_errors": [
    "Incorrect value"
  ]
}

请帮帮我

推荐答案

像这样更新你的文件

../allauth/socialaccount/providers/google/provider.py:

class GoogleProvider(OAuth2Provider):
    ....

    def extract_uid(self, data):
        try:
            return str(data['id'])
        except KeyError:
            return str(data['user_id'])

../allauth/socialaccount/providers/google/views.py:

class GoogleOAuth2Adapter(OAuth2Adapter):
    provider_id = GoogleProvider.id
    access_token_url = 'https://accounts.google.com/o/oauth2/token'
    authorize_url = 'https://accounts.google.com/o/oauth2/auth'
    profile_url = 'https://www.googleapis.com/oauth2/v1/userinfo'
    token_url = 'https://www.googleapis.com/oauth2/v1/tokeninfo'

    def complete_login(self, request, app, token, **kwargs):
        if 'rest-auth/google' in request.path:
            print('rest-auth api')
            # /api/rest-auth/google
            # but not for website login with google
            resp = requests.get(self.token_url,
                            params={'id_token': token.token,
                                    'alt': 'json'})
        else:
            print('else else rest-auth api')
            resp = requests.get(self.profile_url,
                            params={'access_token': token.token,
                                    'alt': 'json'})
        resp.raise_for_status()
        extra_data = resp.json()
        login = self.get_provider() 
            .sociallogin_from_response(request,
                                   extra_data)
        return login


oauth2_login = OAuth2LoginView.adapter_view(GoogleOAuth2Adapter)
oauth2_callback = OAuth2CallbackView.adapter_view(GoogleOAuth2Adapter)

如果使用 id_token，您将只获得这些文件(access_type、受众、电子邮件、email_verified、expires_in、issued_at、issued_to、issuer、nonce、scope、user_id、verified_email).因此，如果您的用户表需要 phone 和 name，您可以将其设置为空 name='' 等.为此，您可以使用以下代码.

For using id_token you will get only these fileds (access_type, audience, email, email_verified, expires_in, issued_at, issued_to, issuer, nonce, scope, user_id, verified_email). So if your user table required phone and name you can set the to empty name='' etc. For this you can use the following code.

将用户模型必填字段设置为空以覆盖id_token 案例

Set user model required fields to empty for covering id_token case

这取决于您的用户模型，就我而言，我们需要电话和姓名，因此我将它们设置为空.如果你不这样做，你会得到失败的约束错误.

It depends upon your user model, in my case we need both phone and name so I have set them empty. If you don't do this you will get failed constraints errors.

../allauth/socialaccount/providers/base.py

class Provider(object):
    def sociallogin_from_response(self, request, response):
        ....
        common_fields = self.extract_common_fields(response)
        common_fields['name'] = common_fields.get('name', '')
        common_fields['phone'] = common_fields.get('phone', '')
        common_fields['username'] = uid
        ....

我已将用户名设置为从社交平台 api 获取的用户 ID.后来我强迫用户更新其详细信息(用户名、姓名、电话等).

I have set the username to user id obtained from social platform api. Later I am forcing user to update its details (username, name, phone etc).

这篇关于Django 使用 Allauth 进行休息验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！