Last updated
The Google provider lets you sign in 🔓 users using their Google accounts through OAuth2.
Start from here:
For a comprehensive list of Google API scopes, refer to the official Google documentation:
If your app's configuration has more than 10 domains, has a logo, or requests sensitive or restricted scopes, you will need to
The sequence diagram below illustrates the flow of obtaining and using an OAuth 2.0 token from Google to access Google APIs:
To use Google OAuth2 in your app, you need to set up a Google App. Here's a step-by-step guide to obtain the necessary credentials (client_id, client_secret, redirect_uri) and configure your app.
Go to .
Log in with your Google account or create one if you don't have it.
Click on Select project
Create a new project or select an existing one.
Click on the navigation menu in the top right corner.
Select APIs & Services.
Go to OAuth consent screen section.
Click on CREATE.
Fill in the required information and click on SAVE AND CONTINUE several times until the application is created.
Go to the Credentials section.
Click on CREATE CREDENTIALS and select OAuth client ID.
Select the application type Web Application and fill in the required fields.
Add your redirect_uri under Authorized redirect URIs. This should match the redirect URL used in your code, e.g., http://localhost:8000/google/callback.
After you have filled in the required fields, click CREATE.
After you have created it, a window should open with your Client ID and Client secret. Make sure to store these securely.
In order not to limit your Google OAuth2 app to only Test Users, you need to publish your app.
Once you set your app status as "In production", your app will be available to anyone with a Google Account.
⚠️ Note: It's best to store your Google App settings in a .env file for 🔐 security. You can access them in settings.py using python-dotenv or environ.
Add the following to your .env file:
Use the dotenv package to load these variables in your project.
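The page's own .env content and settings.py snippet did not survive extraction, so here is an added, self-contained example (not the library's code) of the same idea: a small parser for the .env format, a loader that merges it with the real process environment the way python-dotenv does by default (a variable already set in the shell wins over the file), a fail-fast check that names missing keys without printing their values, and a redacted copy that is safe to log. The variable names GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET and GOOGLE_REDIRECT_URI and the sample values are assumptions; the credential values are constructed placeholders.

```python
import os
import re
from typing import Dict, List, Mapping, Optional

# Variable names are an assumption; the page does not prescribe them.
REQUIRED_KEYS = ("GOOGLE_CLIENT_ID", "GOOGLE_CLIENT_SECRET", "GOOGLE_REDIRECT_URI")

# Constructed sample .env content (placeholder values, not real credentials).
SAMPLE_DOTENV = """\
# Google OAuth2 app settings
GOOGLE_CLIENT_ID=123-constructed.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET="GOCSPX-constructed-placeholder"
export GOOGLE_REDIRECT_URI='http://localhost:8000/google/callback'
"""

# KEY=VALUE with an optional leading "export", as dotenv files allow.
_ASSIGNMENT = re.compile(r"^(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)$")


def parse_dotenv(text: str) -> Dict[str, str]:
    """Parse KEY=VALUE lines: blank lines and # comments are skipped, matching
    quotes around a value are stripped, and anything else is rejected."""
    env: Dict[str, str] = {}
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        match = _ASSIGNMENT.match(line)
        if not match:
            # Report the line number only; the line itself may contain a secret.
            raise ValueError(f".env line {lineno} is not KEY=VALUE")
        key, value = match.group(1), match.group(2).strip()
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            value = value[1:-1]
        env[key] = value
    return env


def missing_settings(env: Mapping[str, str]) -> List[str]:
    """Names (never values) of required keys that are absent or empty."""
    return [key for key in REQUIRED_KEYS if not env.get(key)]


def load_google_settings(file_env: Mapping[str, str],
                         environ: Optional[Mapping[str, str]] = None) -> Dict[str, str]:
    """Merge .env values with the process environment. As with python-dotenv's
    default behaviour, a variable already set in the environment wins over the file."""
    environ = os.environ if environ is None else environ
    merged = dict(file_env)
    merged.update({key: environ[key] for key in REQUIRED_KEYS if key in environ})
    missing = missing_settings(merged)
    if missing:
        raise RuntimeError("missing Google OAuth2 settings: " + ", ".join(missing))
    return {
        "client_id": merged["GOOGLE_CLIENT_ID"],
        "client_secret": merged["GOOGLE_CLIENT_SECRET"],
        "redirect_uri": merged["GOOGLE_REDIRECT_URI"],
    }


def redacted(settings: Mapping[str, str]) -> Dict[str, str]:
    """Copy that is safe to print or log: the client secret is masked."""
    safe = dict(settings)
    secret = safe.get("client_secret", "")
    safe["client_secret"] = secret[:4] + "***" if secret else ""
    return safe


if __name__ == "__main__":
    # In settings.py you would read the real file instead of SAMPLE_DOTENV.
    print(redacted(load_google_settings(parse_dotenv(SAMPLE_DOTENV))))
```

In a Django project the call to load_google_settings belongs in settings.py; because it raises on a missing key, a misconfigured deployment fails at startup rather than at the first login attempt, and redacted() is what you hand to any logging or debug output.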
First, import the needed 📦 class and set up your Google App ⚙️ settings:
Make sure that your redirect_uri matches the callback URL you set in your Google app settings and in your Django URLs.
This method creates the link 🔗 you need to send the user to so they can log in using Google.
Parameters:
state (str, optional): A random string 🔀 to protect against cross-site request forgery attacks.
Returns:
str: The URL 🌐 to use for Google login.
Example:
This method uses the code from Google to get an access token 🔑.
Parameters:
code (str): The authorization code 🔢 you got from the callback URL.
Returns:
str: The access token 🔑.
Example:
This method gets the user's profile information from Google.
Parameters:
access_token (str): The access token 🔑 you got from request.GET.
Returns:
dict: The user's profile information 📋.
Example:
You can choose which fields you want to get from the user's profile by changing the scope parameter.
Without changing it, you will receive the openid, profile and email scopes (everything that can be obtained if your Google Cloud Project has the Google People API enabled in the Google Cloud Console).
Example:
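The three methods above (build the login URL with a state value, exchange the code for an access token, fetch the profile with the token) and the scope parameter together form one procedure, and the page's own examples did not survive extraction. The following is an added example and not the library's code: a minimal authorization-code client written against Google's public endpoints, with the HTTP layer injectable so the whole exchange can be run offline against a constructed stand-in for Google. The method names get_login_url, get_access_token and get_user_info, the endpoint URLs, the scope default and all sample values (the code, token and profile) are assumptions. It goes slightly beyond the page by adding the callback-side check that the returned state matches the one stored in the session, which is the point of passing state at all.

```python
import hmac
import json
import secrets
from typing import Callable, Dict, Mapping, Optional
from urllib.parse import parse_qs, urlencode, urlparse
from urllib.request import Request, urlopen

# Google's public OAuth 2.0 endpoints (assumption: v2 auth, v3 userinfo; the page names none).
AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth"
TOKEN_ENDPOINT = "https://oauth2.googleapis.com/token"
USERINFO_ENDPOINT = "https://www.googleapis.com/oauth2/v3/userinfo"
DEFAULT_SCOPE = "openid profile email"

# A transport is (url, method, body, headers) -> decoded JSON; swappable for offline tests.
Transport = Callable[[str, str, Optional[bytes], Dict[str, str]], dict]


def urllib_transport(url: str, method: str, body: Optional[bytes], headers: Dict[str, str]) -> dict:
    """Live transport using only the standard library."""
    req = Request(url, data=body, headers=headers, method=method)
    with urlopen(req, timeout=10) as resp:
        return json.loads(resp.read().decode("utf-8"))


class GoogleOAuth2Client:
    """Authorization-code flow: login URL -> code -> access token -> profile."""

    def __init__(self, client_id: str, client_secret: str, redirect_uri: str,
                 scope: str = DEFAULT_SCOPE, transport: Transport = urllib_transport):
        self.client_id, self.client_secret = client_id, client_secret
        self.redirect_uri, self.scope, self.transport = redirect_uri, scope, transport

    def get_login_url(self, state: str) -> str:
        """Link to send the user to; keep `state` in the session to check the callback."""
        params = {"client_id": self.client_id, "redirect_uri": self.redirect_uri,
                  "response_type": "code", "scope": self.scope, "state": state}
        return f"{AUTH_ENDPOINT}?{urlencode(params)}"

    def get_access_token(self, code: str) -> str:
        """Exchange the one-time authorization code for an access token."""
        body = urlencode({"code": code, "client_id": self.client_id, "client_secret": self.client_secret,
                          "redirect_uri": self.redirect_uri, "grant_type": "authorization_code"}).encode()
        data = self.transport(TOKEN_ENDPOINT, "POST", body,
                              {"Content-Type": "application/x-www-form-urlencoded"})
        if "access_token" not in data:  # Google reports failures as {"error": ...}
            raise RuntimeError(f"token exchange failed: {data.get('error', 'unknown error')}")
        return data["access_token"]

    def get_user_info(self, access_token: str) -> dict:
        """Profile fields permitted by the granted scope, fetched with the bearer token."""
        return self.transport(USERINFO_ENDPOINT, "GET", None, {"Authorization": f"Bearer {access_token}"})


def new_state() -> str:
    """Unguessable CSRF token for the `state` parameter."""
    return secrets.token_urlsafe(32)


def state_ok(expected: Optional[str], received: Optional[str]) -> bool:
    """Constant-time comparison; a missing value on either side fails."""
    return bool(expected) and bool(received) and hmac.compare_digest(expected.encode(), received.encode())


def code_from_callback(query: Mapping[str, str], expected_state: Optional[str]) -> str:
    """Validate the callback query (request.GET) before any token exchange happens."""
    if not state_ok(expected_state, query.get("state")):
        raise PermissionError("state mismatch: possible CSRF or stale session")
    if "error" in query:
        raise RuntimeError(f"Google returned an error: {query['error']}")
    if not query.get("code"):
        raise RuntimeError("callback is missing the authorization code")
    return query["code"]


def query_params(url: str) -> Dict[str, str]:
    """Single-valued view of a URL's query string (handy for inspecting the login URL)."""
    return {k: v[0] for k, v in parse_qs(urlparse(url).query).items()}


# Constructed stand-in for Google, so the flow can be exercised offline.
FAKE_CODE, FAKE_TOKEN = "4/constructed-code", "ya29.constructed-access-token"
FAKE_PROFILE = {"sub": "1234567890", "email": "alice@example.com", "email_verified": True}


def fake_transport(url: str, method: str, body: Optional[bytes], headers: Dict[str, str]) -> dict:
    """Answers the token and userinfo endpoints with canned JSON."""
    if url == TOKEN_ENDPOINT and method == "POST":
        form = parse_qs(body.decode())
        if form.get("grant_type") != ["authorization_code"] or form.get("code") != [FAKE_CODE]:
            return {"error": "invalid_grant"}
        return {"access_token": FAKE_TOKEN, "token_type": "Bearer", "expires_in": 3599}
    if url == USERINFO_ENDPOINT and headers.get("Authorization") == f"Bearer {FAKE_TOKEN}":
        return dict(FAKE_PROFILE)
    return {"error": "invalid_request"}


def demo_flow() -> dict:
    """Whole exchange against the fake transport; returns the profile dict."""
    client = GoogleOAuth2Client("client-id-placeholder", "client-secret-placeholder",
                                "http://localhost:8000/google/callback", transport=fake_transport)
    state = new_state()                      # a real app stores this in the session
    login_url = client.get_login_url(state)  # the user is redirected here
    callback = {"code": FAKE_CODE, "state": query_params(login_url)["state"]}  # what Google sends back
    code = code_from_callback(callback, state)
    return client.get_user_info(client.get_access_token(code))
```

In a Django view, new_state() is called when building the login link and its value saved in request.session; the callback view passes request.GET and that saved value to code_from_callback and only then calls get_access_token and get_user_info. To request other profile fields, pass a different scope string to the client; the default here matches the openid, profile and email set described above.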
🔒 Use Environment Variables: Always use environment variables to store important information like client_id and client_secret. This helps keep your credentials safe 🛡️.
🔗 Match Redirect URI: Make sure the redirect_uri is the same in both your Google App settings and your code to avoid errors 🚫 during the login process.
⚠️ Error Handling: Handle any possible errors 🐞 during the login and token exchange process to ensure a smooth user experience 😊.
Now you're ready to use Google for authenticating users in your app 🚀. Follow these steps and best practices to make sure everything runs securely 🔐 and smoothly ✨.