Merge pull request #117 from thirdeye-dev/0x0elliot/flow-google-auth

feat: flow google auth
thirdeye-dev · Jul 24, 2023 · b4f9215 · b4f9215 · vercel · Jul 24, 2023
2 parents 86313cc + e8bf647
commit b4f9215
Show file tree

Hide file tree

Showing 5 changed files with 111 additions and 10,401 deletions.
diff --git a/backend/authentication/urls.py b/backend/authentication/urls.py
@@ -8,18 +8,26 @@
     MeAPIView,
     SetWalletAddressAPIView,
     github_login,
+    google_login,
+    GoogleLoginCallbackView
 )
 
 urlpatterns = [
     path("login", LoginAPIView.as_view(), name="login"),
     path("logout", LogoutAPIView.as_view(), name="logout"),
     path("token/refresh", TokenRefreshView.as_view(), name="token_refresh"),
     path("github", github_login, name="oauth_github"),
+    path("google", google_login, name="oauth_google"),
     path(
         "github-callback",
         GithubLoginCallbackView.as_view(),
         name="oauth_github_callback",
     ),
+    path(
+        "google-callback",
+        GoogleLoginCallbackView.as_view(),
+        name="oauth_google_callback",
+    ),
     path(
         "me",
         MeAPIView.as_view(),

diff --git a/backend/authentication/views.py b/backend/authentication/views.py
@@ -1,6 +1,8 @@
 import logging
 import os
 
+import secrets
+
 from authlib.integrations.base_client import OAuthError
 from authlib.oauth2 import OAuth2Error
 from django.conf import settings
@@ -115,6 +117,32 @@ def get(self, request):
 
         return Response({"message": "success"}, status=status.HTTP_200_OK)
 
+def google_login(request):
+    # for development
+    REPLACEMENT_DOMAIN = "localhost:3000"
+
+    if settings.DEMO_INSTANCE:
+        REPLACEMENT_DOMAIN = settings.PROTOTYPE_DOMAIN
+
+    REPLACEMENT_DOMAIN += "/api"
+
+    current_domain = request.get_host()
+
+    redirect_uri = request.build_absolute_uri(reverse("oauth_google_callback")).replace(
+        current_domain, REPLACEMENT_DOMAIN
+    )
+
+    if settings.DEMO_INSTANCE:
+        redirect_uri = redirect_uri.replace("http://", "https://")
+
+    try:
+        return oauth.google.authorize_redirect(request, redirect_uri)
+    except AttributeError as error:
+        if "No such client: " in str(error):
+            raise AuthenticationFailed("Google OAuth is not configured.")
+        raise error
+
+
 def github_login(request):
     # for development
     REPLACEMENT_DOMAIN = "localhost:3000"
@@ -206,3 +234,61 @@ def post(self, request):
             f"{settings.FRONTEND_URL}auth/social?access"
             f"={access_token}&refresh={refresh_token}&username={user.username}"
         )
+
+class GoogleLoginCallbackView(APIView):
+    @staticmethod
+    def validate_and_return_user(request):
+        try:
+            token = oauth.google.authorize_access_token(request)
+        except (
+            OAuthError,
+            OAuth2Error,
+        ):
+            # Not giving out the actual error as we risk exposing the client secret
+            raise AuthenticationFailed("OAuth authentication error.")
+
+        resp = oauth.google.get("https://openidconnect.googleapis.com/v1/userinfo", token=token)
+        resp.raise_for_status()
+        body = resp.json()
+
+        user_email = body.get("email")
+        user_name = body.get("name")
+        image = body.get("picture")
+
+
+        try:
+            users = User.objects.filter(username=user_name)
+            if users:
+                user_name += secrets.token_hex(3)
+
+            return User.objects.get(email=user_email)
+        except User.DoesNotExist:
+            logging.info("[Google Oauth] User does not exist. Creating new one.")
+
+            return User.objects.create_user(
+                email=user_email,
+                username=user_name,
+                password=None,
+                auth_provider="google",
+                avatar=image,
+            )
+
+    def get(self, request):
+        return self.post(request)
+
+    def post(self, request):
+        user = self.validate_and_return_user(request)
+        print(user)
+
+        tokens = user.tokens()
+        access_token = tokens.get("access")
+        refresh_token = tokens.get("refresh")
+
+        # Uncomment this for local testing
+        return redirect(
+            f"{settings.FRONTEND_URL}/auth/social?access"
+            f"={access_token}&refresh={refresh_token}&username={user.username}"
+        )
+        # return redirect(self.request.build_absolute_uri(f"/login?token={token}"))
+
+