add github social auth

mominur-helios · mominur-helios · commit 33add8f2edcd · 2022-12-07T15:17:20.000+06:00
diff --git a/api/authentication/migrations/0001_initial.py b/api/authentication/migrations/0001_initial.py
@@ -1,4 +1,4 @@
-# Generated by Django 3.2.5 on 2021-07-15 11:29
+# Generated by Django 3.2.13 on 2022-12-06 11:33
 
 from django.conf import settings
 from django.db import migrations, models
@@ -15,26 +15,12 @@ class Migration(migrations.Migration):
 
     operations = [
         migrations.CreateModel(
-            name="ActiveSession",
+            name='ActiveSession',
             fields=[
-                (
-                    "id",
-                    models.BigAutoField(
-                        auto_created=True,
-                        primary_key=True,
-                        serialize=False,
-                        verbose_name="ID",
-                    ),
-                ),
-                ("token", models.CharField(max_length=255)),
-                ("date", models.DateTimeField(auto_now_add=True)),
-                (
-                    "user",
-                    models.ForeignKey(
-                        on_delete=django.db.models.deletion.CASCADE,
-                        to=settings.AUTH_USER_MODEL,
-                    ),
-                ),
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('token', models.CharField(max_length=255)),
+                ('date', models.DateTimeField(auto_now_add=True)),
+                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
             ],
         ),
     ]
diff --git a/api/authentication/serializers/login.py b/api/authentication/serializers/login.py
@@ -8,6 +8,7 @@
 from api.authentication.models import ActiveSession
 
 
+
 def _generate_jwt_token(user):
     token = jwt.encode(
         {"id": user.pk, "exp": datetime.utcnow() + timedelta(days=7)},
@@ -61,3 +62,8 @@ def validate(self, data):
             "token": session.token,
             "user": {"_id": user.pk, "username": user.username, "email": user.email},
         }
+
+
+class GithubSerializer(serializers.Serializer):
+    code = serializers.CharField(max_length=255)
+
diff --git a/api/authentication/viewsets/social_login.py b/api/authentication/viewsets/social_login.py
@@ -0,0 +1,62 @@
+import requests
+import jwt
+
+from rest_framework import viewsets
+from rest_framework.response import Response
+from rest_framework.permissions import AllowAny
+from django.conf import settings
+from django.core.exceptions import ObjectDoesNotExist
+
+from api.authentication.serializers.login import GithubSerializer, _generate_jwt_token
+from api.user.models import User
+from api.authentication.models import ActiveSession
+
+
+class GithubSocialLogin(viewsets.ModelViewSet):
+    http_method_names = ["post"]
+    permission_classes = (AllowAny,)
+    serializer_class = GithubSerializer
+
+    def create(self, request, *args, **kwargs):
+        serializer = self.get_serializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+
+        code = serializer.data['code']
+        client_id = getattr(settings, 'GITHUB_CLIENT_ID')
+        client_secret = getattr(settings, 'GITHUB_SECRET_KEY')
+        root_url = 'https://github.com/login/oauth/access_token'
+
+        params = { 'client_id': client_id, 'client_secret': client_secret, 'code': code }
+
+        data = requests.post(root_url, params=params, headers={
+          'Content-Type': 'application/x-www-form-urlencoded',
+        })
+
+        response = data._content.decode('utf-8')
+        access_token = response.split('&')[0].split('=')[1]
+
+        user_data = requests.get('https://api.github.com/user', headers={
+            "Authorization": "Bearer " + access_token
+        }).json()
+
+        if User.objects.filter(username=user_data['login'], email=user_data['email']).exists():
+            user = User.objects.get(username=user_data['login'], email=user_data['email'])
+        else:
+            user = User.objects.create_user(username=user_data['login'], email=user_data['email'])
+        
+        try:
+            session = ActiveSession.objects.get(user=user)
+            if not session.token:
+                raise ValueError
+
+            jwt.decode(session.token, settings.SECRET_KEY, algorithms=["HS256"])
+
+        except (ObjectDoesNotExist, ValueError, jwt.ExpiredSignatureError):
+            session = ActiveSession.objects.create(
+                user=user, token=_generate_jwt_token(user)
+            )
+             
+        return Response({
+            "success": True,
+            "user": {"_id": user.pk, "username": user.username, "email": user.email, "token": session.token},
+        })
diff --git a/api/routers.py b/api/routers.py
@@ -4,6 +4,7 @@
     ActiveSessionViewSet,
     LogoutViewSet,
 )
+from api.authentication.viewsets.social_login import GithubSocialLogin
 from rest_framework import routers
 from api.user.viewsets import UserViewSet
 
@@ -19,6 +20,8 @@
 
 router.register(r"logout", LogoutViewSet, basename="logout")
 
+router.register(r"github-login", GithubSocialLogin, basename="github-login")
+
 urlpatterns = [
     *router.urls,
 ]
diff --git a/api/user/migrations/0001_initial.py b/api/user/migrations/0001_initial.py
@@ -1,4 +1,4 @@
-# Generated by Django 3.2.5 on 2021-07-15 11:20
+# Generated by Django 3.2.13 on 2022-12-06 11:33
 
 from django.db import migrations, models
 
@@ -8,69 +8,27 @@ class Migration(migrations.Migration):
     initial = True
 
     dependencies = [
-        ("auth", "0012_alter_user_first_name_max_length"),
+        ('auth', '0012_alter_user_first_name_max_length'),
     ]
 
     operations = [
         migrations.CreateModel(
-            name="User",
+            name='User',
             fields=[
-                (
-                    "id",
-                    models.BigAutoField(
-                        auto_created=True,
-                        primary_key=True,
-                        serialize=False,
-                        verbose_name="ID",
-                    ),
-                ),
-                ("password", models.CharField(max_length=128, verbose_name="password")),
-                (
-                    "last_login",
-                    models.DateTimeField(
-                        blank=True, null=True, verbose_name="last login"
-                    ),
-                ),
-                (
-                    "is_superuser",
-                    models.BooleanField(
-                        default=False,
-                        help_text="Designates that this user has all permissions without explicitly assigning them.",
-                        verbose_name="superuser status",
-                    ),
-                ),
-                ("username", models.CharField(db_index=True, max_length=255)),
-                (
-                    "email",
-                    models.EmailField(db_index=True, max_length=254, unique=True),
-                ),
-                ("is_active", models.BooleanField(default=True)),
-                ("date", models.DateTimeField(auto_now_add=True)),
-                (
-                    "groups",
-                    models.ManyToManyField(
-                        blank=True,
-                        help_text="The groups this user belongs to. A user will get all permissions granted to each of their groups.",
-                        related_name="user_set",
-                        related_query_name="user",
-                        to="auth.Group",
-                        verbose_name="groups",
-                    ),
-                ),
-                (
-                    "user_permissions",
-                    models.ManyToManyField(
-                        blank=True,
-                        help_text="Specific permissions for this user.",
-                        related_name="user_set",
-                        related_query_name="user",
-                        to="auth.Permission",
-                        verbose_name="user permissions",
-                    ),
-                ),
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('password', models.CharField(max_length=128, verbose_name='password')),
+                ('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')),
+                ('is_superuser', models.BooleanField(default=False, help_text='Designates that this user has all permissions without explicitly assigning them.', verbose_name='superuser status')),
+                ('username', models.CharField(db_index=True, max_length=255, unique=True)),
+                ('email', models.EmailField(db_index=True, max_length=254, unique=True)),
+                ('is_active', models.BooleanField(default=True)),
+                ('is_staff', models.BooleanField(default=False)),
+                ('date', models.DateTimeField(auto_now_add=True)),
+                ('groups', models.ManyToManyField(blank=True, help_text='The groups this user belongs to. A user will get all permissions granted to each of their groups.', related_name='user_set', related_query_name='user', to='auth.Group', verbose_name='groups')),
+                ('user_permissions', models.ManyToManyField(blank=True, help_text='Specific permissions for this user.', related_name='user_set', related_query_name='user', to='auth.Permission', verbose_name='user permissions')),
             ],
             options={
-                "abstract": False,
+                'abstract': False,
             },
         ),
     ]
diff --git a/api/user/migrations/0002_user_is_staff.py b/api/user/migrations/0002_user_is_staff.py
diff --git a/api/user/migrations/0003_alter_user_username.py b/api/user/migrations/0003_alter_user_username.py
diff --git a/core/settings.py b/core/settings.py
@@ -21,6 +21,8 @@
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 BASE_DIR = Path(__file__).resolve().parent.parent
 
+environ.Env.read_env(os.path.join(BASE_DIR, '.env'))
+
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/3.2/howto/deployment/checklist/
 
@@ -176,3 +178,7 @@
 
 TESTING = False
 TEST_RUNNER = "core.test_runner.CoreTestRunner"
+
+# GitHub social authentication
+GITHUB_CLIENT_ID = env('GITHUB_CLIENT_ID')
+GITHUB_SECRET_KEY = env('GITHUB_SECRET_KEY')
diff --git a/core/urls.py b/core/urls.py
@@ -1,5 +1,8 @@
 from django.urls import path, include
+from django.contrib import admin
+from api.authentication.viewsets.social_login import GithubSocialLogin
 
 urlpatterns = [
+    path('admin/', admin.site.urls),
     path("api/users/", include(("api.routers", "api"), namespace="api")),
 ]
diff --git a/requirements.txt b/requirements.txt
@@ -1,6 +1,23 @@
+asgiref==3.5.2
+certifi==2022.9.24
+cffi==1.15.1
+charset-normalizer==2.1.1
+cryptography==38.0.4
+defusedxml==0.7.1
 Django==3.2.13
-djangorestframework==3.13.1
-PyJWT==2.4.0
 django-cors-headers==3.13.0
-gunicorn==20.1.0
 django-environ==0.8.1
+djangorestframework==3.13.1
+gunicorn==20.1.0
+idna==3.4
+oauthlib==3.2.2
+pycparser==2.21
+PyJWT==2.4.0
+python3-openid==3.2.0
+pytz==2022.6
+requests==2.28.1
+requests-oauthlib==1.3.1
+six==1.16.0
+social-auth-core==4.3.0
+sqlparse==0.4.3
+urllib3==1.26.13

Original file line number	Diff line number	Diff line change
`@@ -4,6 +4,7 @@`
`4`	`4`	`ActiveSessionViewSet,`
`5`	`5`	`LogoutViewSet,`
`6`	`6`	`)`
	`7`	`+from api.authentication.viewsets.social_login import GithubSocialLogin`
`7`	`8`	`from rest_framework import routers`
`8`	`9`	`from api.user.viewsets import UserViewSet`
`9`	`10`
`@@ -19,6 +20,8 @@`
`19`	`20`
`20`	`21`	`router.register(r"logout", LogoutViewSet, basename="logout")`
`21`	`22`
	`23`	`+router.register(r"github-login", GithubSocialLogin, basename="github-login")`
	`24`	`+`
`22`	`25`	`urlpatterns = [`
`23`	`26`	`*router.urls,`
`24`	`27`	`]`
Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,8 @@`
`1`	`1`	`from django.urls import path, include`
	`2`	`+from django.contrib import admin`
	`3`	`+from api.authentication.viewsets.social_login import GithubSocialLogin`
`2`	`4`
`3`	`5`	`urlpatterns = [`
	`6`	`+ path('admin/', admin.site.urls),`
`4`	`7`	`path("api/users/", include(("api.routers", "api"), namespace="api")),`
`5`	`8`	`]`