Last updated
The Facebook provider lets you sign in 🔓 users using their Facebook accounts through OAuth2.
To use Facebook OAuth2 in your app, you need to set up a Facebook App. Here's a step-by-step guide to obtain the necessary credentials (client_id, client_secret, redirect_uri) and configure your app.
Go to .
Log in with your Facebook account or create one if you don't have it.
Click on Get Started to register as a developer.
Once logged in, navigate to My Apps at the top right and click Create App.
Choose the App Type that fits your use case. For OAuth, choose Consumer.
Fill in the details like App Name, Contact Email, etc., and click Create App ID.
After creating the app, navigate to Add a Product and select Facebook Login.
Choose Web and enter your website URL.
Go to Settings > Basic to find your App ID (client_id) and App Secret (client_secret). Make sure to store these securely.
Under Facebook Login > Settings, add your redirect_uri under Valid OAuth Redirect URIs. This should match the redirect URL used in your code, e.g., http://localhost:8000/facebook/callback.
Permissions: By default, only basic profile information is available. To access additional fields like email, you need to request specific permissions.
App Review: Some permissions (e.g., email) require App Review. Go to App Review > Permissions and Features and submit for review.
Ensure your app is in Live mode for production use. In Development mode, only users with roles (admin, developer, tester) can log in.
Add the following to your .env file:
Use the dotenv package to load these variables in your Django project.
First, import the needed 📦 class and set up your Facebook App ⚙️ settings:
⚠️ Note: It's best to store your Facebook App settings in a .env file for 🔐 security. You can access them in settings.py using python-dotenv or environ.
Example .env file:
Make sure that your redirect_uri matches the callback URL you set in your Facebook app settings and in your Django URLs.
This method creates the link 🔗 you need to send the user to so they can log in using Facebook.
Parameters:
state (str, optional): A random string 🔀 to protect against cross-site request forgery attacks.
Returns:
str: The URL 🌐 to use for Facebook login.
Example:
This method uses the code from Facebook to get an access token 🔑.
Parameters:
code (str): The authorization code 🔢 you got from the callback URL.
Returns:
str: The access token 🔑.
Example:
This method gets the user's profile information from Facebook.
Parameters:
access_token (str): The access token 🔑 you got from get_access_token.
fields (str, optional): A list of fields you want to get, separated by commas. Defaults to "id,name,email,picture".
Returns:
dict: The user's profile information 📋.
Example:
You can choose which fields you want to get from the user's profile by changing the fields parameter.
Example:
🔒 Use Environment Variables: Always use environment variables to store important information like client_id and client_secret. This helps keep your credentials safe 🛡️.
🔗 Match Redirect URI: Make sure the redirect_uri is the same in both your Facebook App settings and your code to avoid errors 🚫 during the login process.
⚠️ Error Handling: Handle any possible errors 🐞 during the login and token exchange process to ensure a smooth user experience 😊.
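The state parameter and the error handling described above, put together as an added example (not code from this package or its documentation): a state value is generated per login, bound to the session, and checked exactly once in the callback. The names begin_login, finish_login, OAuthCallbackError and the session key fb_oauth_state are hypothetical, and the unversioned dialog URL is an assumption about the endpoint the provider uses.

```python
import hmac
import secrets
from urllib.parse import urlencode

# Assumption: Facebook's OAuth dialog URL in its unversioned form.
AUTH_ENDPOINT = "https://www.facebook.com/dialog/oauth"
STATE_KEY = "fb_oauth_state"  # hypothetical session key


class OAuthCallbackError(Exception):
    """Raised when the callback request must be rejected."""


def begin_login(session, client_id, redirect_uri, scope="email"):
    """Create a one-time state, bind it to the session, return the login URL."""
    state = secrets.token_urlsafe(32)  # unpredictable, URL-safe
    session[STATE_KEY] = state
    query = urlencode({
        "client_id": client_id,
        "redirect_uri": redirect_uri,  # must equal the URI registered in the app
        "state": state,
        "scope": scope,
        "response_type": "code",
    })
    return f"{AUTH_ENDPOINT}?{query}"


def finish_login(session, params):
    """Validate the callback query parameters and return the authorization code."""
    # pop() makes the state single-use, so a replayed callback fails.
    expected = session.pop(STATE_KEY, None)
    if params.get("error"):
        raise OAuthCallbackError(f"provider returned error: {params['error']}")
    received = params.get("state") or ""
    # Constant-time comparison on bytes; an absent stored state never matches.
    if not expected or not hmac.compare_digest(expected.encode(), received.encode()):
        raise OAuthCallbackError("state mismatch")
    code = params.get("code")
    if not code:
        raise OAuthCallbackError("missing authorization code")
    return code
```

In a Django view, `session` would be `request.session` and `params` would be `request.GET`; the returned code is what gets exchanged for an access token.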
Now you're ready to use Facebook for authenticating users in your app 🚀. Follow these steps and best practices to make sure everything runs securely 🔐 and smoothly ✨.
For a comprehensive list of user profile fields and the necessary permissions, refer to the .