import re | |
import requests | |
import json | |
from django.contrib.auth.models import User | |
from oauth2_provider.models import AccessToken | |
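def generate_github_access_token(github_client_id, github_client_secret, github_code):
    """
    Exchange a GitHub OAuth2 authorization code for an access token.

    :param github_client_id: client_id from https://github.com/settings/developers
    :param github_client_secret: client secret from https://github.com/settings/developers
    :param github_code: code generated by client from http://github.com/login/oauth/authorize/
    :return: the access token string issued by GitHub
    :raises PermissionError: if the response carries no ``access_token`` field
        (for example a rejected, expired or already used code)
    """
    from urllib.parse import parse_qs

    auth_response = requests.post(
        'https://github.com/login/oauth/access_token/',
        data=json.dumps({
            'client_id': github_client_id,
            'client_secret': github_client_secret,
            'code': github_code
        }),
        headers={'content-type': 'application/json'},
        # Bound the wait so a stalled upstream cannot hold a worker forever.
        timeout=10,
    )
    # The body is read as `key=value&...` pairs, as the original did. Parsing
    # the pairs instead of matching `[a-zA-Z0-9]+` matters: that regex stops
    # at the first other character, so a token containing e.g. `_` would be
    # silently truncated and later rejected as invalid.
    fields = parse_qs(auth_response.content.decode('utf-8'))
    tokens = fields.get('access_token')
    if not tokens:
        # The Response object is attached for the caller's diagnostics; avoid
        # logging its body verbatim, it belongs to a credential exchange.
        raise PermissionError(auth_response)
    return tokens[0]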
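def convert_to_auth_token(client_id, client_secret, backend, token):
    """
    given a previously generated access_token use the django-rest-framework-social-oauth2
    endpoint `/convert-token/` to authenticate the user and return a django auth
    token

    :param client_id: from the OAuth Toolkit application
    :param client_secret: from the OAuth Toolkit application
    :param backend: authentication backend to use ('github', 'facebook', etc.)
    :param token: access token generated from the backend
    :return: the endpoint's parsed JSON reply; the caller reads the django auth
        token from its 'access_token' key, which is presumably absent when the
        conversion is refused (verify against the endpoint)
    """
    payload = {
        'grant_type': 'convert_token',
        'client_id': client_id,
        'client_secret': client_secret,
        'backend': backend,
        'token': token,
    }
    # Send the credentials as a form body, not as a query string: URLs are
    # routinely written to access logs and proxy logs, which would record
    # client_secret and the provider token in clear text.
    # NOTE(review): plain http is tolerable only because the target is the
    # loopback interface; use https if this endpoint ever moves off-host.
    response = requests.post(
        'http://localhost:8000/api/auth/convert-token/',
        data=payload,
        # Bound the wait so a stalled endpoint cannot hold a worker forever.
        timeout=10,
    )
    return response.json()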
def get_user_from_token(django_auth_token):
    """
    Look up the Django user that owns an OAuth Toolkit access token.

    :param django_auth_token: mapping holding the token string under 'access_token'
    :return: the ``User`` whose id equals the stored token's ``user_id``
    """
    token_value = django_auth_token['access_token']
    # First resolve the stored token row, then the user it points at.
    stored_token = AccessToken.objects.get(token=token_value)
    owner_id = stored_token.user_id
    return User.objects.get(id=owner_id)
from webapi.settings import SOCIAL_AUTH_GITHUB_KEY, SOCIAL_AUTH_GITHUB_SECRET, CLIENT_ID, CLIENT_SECRET | |
from api.serializers import UserSerializer | |
from api.oauth import generate_github_access_token, convert_to_auth_token, get_user_from_token | |
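@api_view(['POST'])
def authenticate(request, code):
    """
    Log a user in with a GitHub OAuth2 authorization code.

    Exchanges the code for a GitHub access token, converts that into a django
    auth token and returns the token together with the serialized user.

    :param request: the incoming POST request
    :param code: GitHub authorization code supplied by the client (untrusted)
    :return: 200 with {'token', 'user'} on success, 401 when either exchange
        is refused
    """
    # NOTE(review): `code` is a view argument, so it presumably arrives in the
    # URL path, where it can end up in access logs; confirm the URL conf and
    # consider reading it from the request body instead.
    try:
        github_token = generate_github_access_token(SOCIAL_AUTH_GITHUB_KEY, SOCIAL_AUTH_GITHUB_SECRET, code)
    except PermissionError:
        # A bad, expired or replayed code is a client error, not a server
        # fault: answer 401 instead of letting the exception become a 500.
        return Response({'detail': 'GitHub rejected the authorization code.'}, status=401)

    django_auth_token = convert_to_auth_token(CLIENT_ID, CLIENT_SECRET, 'github', github_token)
    # Without this check a refused conversion would surface as a KeyError in
    # get_user_from_token. The upstream error body is deliberately not echoed.
    if not isinstance(django_auth_token, dict) or 'access_token' not in django_auth_token:
        return Response({'detail': 'Could not convert the GitHub token.'}, status=401)

    user = get_user_from_token(django_auth_token)
    return Response({'token': django_auth_token, 'user': UserSerializer(user).data}, status=200)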