Facebook 和 Google 身份验证过程在 Django Rest 框架中使用 Djoser 取消，Next.js+React 作为前端

Question

I used Djoser to handle basic user authentication functions for me in Django Rest Framework.我使用 Djoser 在 Django Rest Framework 中为我处理基本的用户身份验证功能。 And I tried to use its social auth endpoint.我尝试使用其社交身份验证端点。 According to its documentation , if I understand correctly, I first added redirect_uri to its endpoint, eg :根据其文档，如果我理解正确，我首先将 redirect_uri 添加到其端点，例如：

http://127.0.0.1:8000/auth/o/facebook/?redirect_uri=http://localhost:3000 http://127.0.0.1:8000/auth/o/facebook/?redirect_uri=http://localhost:3000

It worked fine.它工作得很好。 Then I used the link to authenticate and it returned code and state (as data in the code below) to me as queries in the redirect_uri.然后我使用该链接进行身份验证，并将代码和状态（作为下面代码中的数据）作为redirect_uri 中的查询返回给我。 But then when I post back the code and state in getInitialProps method from Next.js server to my backend,但是当我将 getInitialProps 方法中的代码和状态从 Next.js 服务器回发到我的后端时，

const authResponse = await axios.post(`http://127.0.0.1:8000/user_info/o/facebook/`,data,{
      headers:{
          'Content-Type':'application/x-www-form-urlencoded'
      }
}

Django returns a status code 400. Then I used postman to test posting code and state with 'Content-Type':'application/x-www-form-urlencoded' , it showed on the window: Django 返回状态代码 400。然后我使用邮递员测试发布代码和状态'Content-Type':'application/x-www-form-urlencoded' ，它显示在窗口上：

{
    "non_field_errors": [
        "Authentication process canceled"
    ]
}

I tried the same case with Google OAuth2.我用 Google OAuth2 尝试了同样的情况。 The following is the python code in my settings.py.以下是我的settings.py中的python代码。

import os
from dotenv import load_dotenv

load_dotenv()

BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))

DEBUG = True

ALLOWED_HOSTS = ['127.0.0.1','0.0.0.0']

INSTALLED_APPS = [
    ...
    'djoser',
    'social_django',
    'rest_framework',
    'rest_framework.authtoken',
    'corsheaders',
    'user_info',
    ...
]

...

CORS_ORIGIN_WHITELIST = [
    "http://localhost:3000",
]

ROOT_URLCONF = 'myprojectname.urls'

TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [os.path.join(BASE_DIR, 'templates')],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
                'social_django.context_processors.backends',
                'social_django.context_processors.login_redirect',
            ],
        },
    },
]

...

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.BasicAuthentication',
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.TokenAuthentication'
    ),
    'DEFAULT_PERMISSIONS_CLASSES': (
        'rest_framework.permissions.IsAuthenticated',
    )
}

...

AUTHENTICATION_BACKENDS = [
    "django.contrib.auth.backends.ModelBackend",
    "djoser.social.backends.facebook.FacebookOAuth2Override",
    "social_core.backends.google.GoogleOAuth2"
]

SOCIAL_AUTH_FACEBOOK_KEY = os.getenv('FACEBOOK_APP_ID')
SOCIAL_AUTH_FACEBOOK_SECRET = os.getenv("FACEBOOK_SECRET_KEY")

SOCIAL_AUTH_FACEBOOK_SCOPE = ["email"]
SOCIAL_AUTH_FACEBOOK_PROFILE_EXTRA_PARAMS = {"fields": "id, name, email"}

SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = os.getenv('GOOGLE_APP_ID')
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = os.getenv("GOOGLE_SECRET_KEY")

SOCIAL_AUTH_RAISE_EXCEPTIONS = False

DJOSER ={
    "LOGIN_FIELD": "email",
    "USER_CREATE_PASSWORD_RETYPE":True,
    "SEND_ACTIVATION_EMAIL": True,
    "ACTIVATION_URL":f'{os.getenv("FRONTEND_URL")}/activate/'+'{uid}/{token}',
    "SERIALIZERS": {
        'user_create':'user_info.serializers.UserCreateSerializer',
        'user':"user_info.serializers.UserCreateSerializer"
    },
    "SOCIAL_AUTH_ALLOWED_REDIRECT_URIS": [os.getenv("FRONTEND_URL")],
}

AUTH_USER_MODEL = 'user_info.User'

...

I only set my app domains as localhost and site url as http://localhost:8000/ in Facebook developer console.我只在 Facebook 开发人员控制台中将我的应用程序域设置为localhost ，将站点 url 设置为http://localhost:8000/ 。

Is there anyway I can get rid of the Authentication Process Cancelled and successfully get the token?无论如何我可以摆脱身份验证过程取消并成功获取令牌吗？ Thanks a lot!!!!非常感谢！！！！

Answer 1

I have the same issue and I was able to solve this one, however I got sucked into another but this will probably solve this issue for you.我有同样的问题，我能够解决这个问题，但是我陷入了另一个问题，但这可能会为你解决这个问题。 Just whitelist your URI to be authorized.只需将您的 URI 列入白名单即可获得授权。 I use Google OAuth and here's a screenshot of what I mean to convey.我使用 Google OAuth，这是我要传达的意思的屏幕截图。

You need to set 'http://127.0.0.1/' as the authorized domain.您需要将“http://127.0.0.1/”设置为授权域。

Facebook 和 Google 身份验证过程在 Django Rest 框架中使用 Djoser 取消，Next.js+React 作为前端

问题描述

1 个解决方案

解决方案1
0 2021-04-07 05:09:03

Facebook 和 Google 身份验证过程在 Django Rest 框架中使用 Djoser 取消，Next.js+React 作为前端

问题描述

1 个解决方案

解决方案1 0 2021-04-07 05:09:03

解决方案1
0 2021-04-07 05:09:03