Now let’s create a Django 2.0 project, then implement Google Authentication Services and then fetch mail. We’re only doing mail extraction to show you how to request permission after authentication.
Step # 1: Create the Django project
The first step is to create a virtual environment and then install the dependencies. So, we’ll use venv
:
mkdir google-login & amp; & amp; cd google-login python3.5 -m venv myvenv source myvenv / bin / activate
This command will create one folder myvenv
through which we just activated the virtual environment. Now type
pip freeze
Then you shouldn’t see any dependencies installed in it. Now, first thing we do is install Django:
pip install Django == 2.0.7
This is the version of Django we used, but feel free to use any other version. Now the next step is — create one project, gfglogin
its gfglogin
:
django-admin startproject gfglogin.
Since we are in the google-login directory so we want the django project to be in this directory just for you to use. " & # 39; at the end to indicate the current directory. Then create one app to separate the logic from the main project, so create one app named gfgauth
:
django-admin startapp gfgauth
So the general the terminal will look like this:
Since we have created one application. Add this application name to settings.py
in the INSTALLED_APP
list. We now have a Django project running, so let’s move it first and then check if there are any errors or not.
python manage.py makemigrations python manage.py migrate python manage.py runserver
So after migration you need to be able to start the server and see the Django start page at that particular URL.
Step # 2: Install dependencies
Since the project has started successfully, let’s set the basic requirements. First, we need googleapiclient
, this is necessary because we need to create one resource object that helps to interact with the API. Therefore, to be precise, we will use the ’build’ method from it.
Install:
pip install google-api-python-client == 1.6.4
Now the second module is oauth2client
, it will oauth2client
all authentications, credentials, streams and more, so it’s important to use that.
pip install oauth2client == 4.1.2
Finally, install jsonpickle
(just in case it is not installed) because it will be used oauth2client
when creating a CredentalsField
.
pip install jsonpickle == 0.9.6
So these are the only dependencies we need. Now let’s move on to a piece of code and see how it works.
Step # 3: Create Models
Use Models to store the credentials we get from the API, so there are only two main fields to take care of. The first — this is the id
, which will be the ForeignKey, and the second — credential
equal to CredentialsField. This field needs to be imported from oauth2client. So our models.py
will look like this:
|
Currently time task
and updated_time
are just additional fields, so you can remove them. Thus, these credentials will contain the credentials in the database.
Important note:
When we import the CredentialsField
, the __init__
method is automatically executed and if you notice code in the path
/google-login/myvenv/lib/python3.5/site-packages/oauth2client/contrib/django_util/__init__. py
Line 233
They import urlresolvers so they can use the reverse method from there. Now the problem is that this urlresolvers was removed after Django 1.10 or Django 1.11. If you are working with Django 2.0 it will give an error that urlresolvers cannot be found or is missing there.
Now, to overcome this problem, we need to change 2 lines, first replace the import from django. core import urlresolvers
to from django.urls import reverse
And then replace urlresolvers.reverse (...)
411 urlresolvers.reverse (...)
to reverse(...)
You should now be able to run it successfully.
After creating these models:
python manage.py makemigrations python manage.py migrate
Step # 4: Create views
At the moment we have only 3 main views for processing requests. First, we need to show the home page, status, google button so that we can send an authentication request. The second view will be launched when the google button is clicked, which means an AJAX request. Third, process the refund request from Google so that we can accept the access_token from it and store it in our database.
First, let’s do Google Authentication:
So, right now we need to tell the stream to the API what permissions we need to ask, what is my secret key and redirect url. To do this, enter:
FLOW = flow_from_clientsecrets (settings.GOOGLE_OAUTH2_CLIENT_SECRETS_JSON, scope = ’https://www.googleapis.com / auth / gmail.readonly’, redirect_uri =’ http://127.0.0.1: 8000 / oauth2callback’, prompt = ’consent’)
As you can see settings.GOOGLE_OAUTH2_CLIENT_SECRETS_JSON
, go to settings.py
and type:
GOOGLE_OAUTH2_CLIENT_SECRETS_JSON = ’client_secrets.json’
This tells Django where the json
file is located. We’ll download this file later. After defining the flow, let’s start the logic.
Whenever we need to find out if someone is authorized or not, we first check our database to see if these user credentials already exist or not. If not, then we make a request to the API URL and then get the credentials.
|
We use DjangoORMStorage (which is provided by oauth2client
) so that we can store and retrieve credentials from Django datastore So we need to pass 4 parameters for this. The first is the model class, which has a CredientialsField. The second — it is a unique identifier having credentials meaning the name of the key, the third — it is the key that has credentials, and the last — the name of the CredentialsField that we specified in models.py
.
Then we get the value from the store and see if it is valid or not. If not valid, we create one user token and get one authorization URL, where we redirect the user to the google login page. After being redirected, the user fills out the form, and once the user is logged in with Google, Google will submit the data to the callback URL with access_token
which we will do later. Now in case the user credentials were already present then it will re-validate the credentials and return you an access_token or sometimes an updated access_token in case the previous one expired.
Now we need to handle the callback url to do this:
|
Now inside the callback url when we get one response from Google, then we collect the data and get the state from it , condition — it is nothing more than a token that we generated with generateToken. Therefore, we verify the token using the secret_key, the token we generated, and the user who generated it. These things are checked by the xsrfutil.validate_token
method which checks that the token is not too old over time and was only generated at a specific time. If these things don’t work then it will give you an error, otherwise you will go to the next step and share the code from the callback response with Google so you can get the access_token.
So it was a two-step check. and after successfully getting the credentials, we store them in the Django datastore using DjangoORMStorage, because with that only we can get and store the credentials in the CredentialsField. Once we save it, we can redirect the user to any specific page, and this is how you can get the access_token.
Now let’s create one home page that tells if the user is logged in or not.
|
Right now we assume the user is authenticated in Django, which means the user is no longer anonymous and the information is stored in a database. Now, to support anonymous user, we can remove credential checks in the database or create one temporary user.
Back to the original view, we first check if the user is authenticated or not, which means the user is not anonymous if yes then force it to login, otherwise check credentials first. If the user is already logged in with Google, it will display the status as True, otherwise it will display as False.
Now on to the templates, let’s create one. First go to the root folder and create one folder named & # 39; templates & # 39; and then inside index.html
create index.html
:
|
This page is now very much simplified so there is no CSS or styles, there is only one simple link to check. You will now also notice the js file . so go to root folder again and create one directory as static/js/
And inside js create one file javascript main.js
:
|
This js file was used to separate the logic from the HTML file, and also to make a single AJAX call to Django. We now have all the parts made for viewing.
Step # 5: Create URLs and Basic Settings
In the main gfglogin project /urls.py
means gfglogin / urls.py
edit and put:
|
Because we need to test the functionality of the gfgauth application. Now inside gfgauth / urls.py
enter:
|
How see, gmailAuthenticate is for AJAX calls, oauth2callback — for the callback url and the last — for the homepage url. Now, before launching, there are several settings that we did not talk about:
In settings.py
you need to edit:
- To the "TEMPLATES" list add "templates" to the "DIRS" list.
- Finally from the settings.py file add:
STATIC_URL = ’/ static /’ STATICFILES_DIRS = ( os.path.join ( (BASE_DIR, ’static’) ,) GOOGLE_OAUTH2_CLIENT_SECRETS_JSON = ’client_secrets.json’
So we just pointed out where templates and static files are present and, most importantly, where the google secret json file is located oauth2 client. We will now download this file.
Step # 6: Generate the Oauth2 client secret file
Go to google developer console page, create one project and name it whatever you like. Once created, go to the project dashboard and click on the navigation menu that is on the top left. Then click on API services and then on the credentials page. Click on create credentials (you may need to set the product name before going ahead, so do that first). Now select the web app since we are using Django. After that, provide a name, and then just go to redirect the URI, and in there type:
http://127.0.0.1:8000/oauth2callback
And then save that. You do not need to specify the source of the authorized Javascript, so leave this blank. After saving you will be able to see all your credentials, just load them, they will be saved under some random names, so just reformat the filename and enter "client_secrets" and make sure it is in json format. Then save it and paste i