Using dj-rest-auth to integrate GitHub authentication in your Django project

This article is a simple guide on how to implement GitHub OAuth for a secure user authentication.

In this guide we will be able to

• seamlessly create or login a user using their GitHub credentials
• save users credentials for later use

Prerequisite

To get the best out of this article users should have a fair understanding on

• GitHub
• Django
• Django rest framework

We are going to implement this in 3 simple steps

• 1. setup GitHub
• 2. setup Django
• 3. test authentication endpoint

1. Setup GitHub

Create your GitHub OAuth credentials by going to to settings on your GitHub account, scroll down to where you see Developer settings, click on OAuth Apps as shown below.
If you have an existing app you can edit it else you can create a new one by clicking on New OAuth App and create a new one, give a clear and descriptive name for the app, add to your Homepage URL http://localhost:8000/ you might want to substitute localhost: for 127.0.0.1: if that's how you've configured your Django app to run point been that whatever configuration you setup on GitHub should match with what you have on your app to avoid server errors been thrown, add to Authorization callback URL this callback url http://localhost:8000/api/auth/github/login/callback/ your setup should reflect what you see in the image below.
Copy and save your Client ID and Client Secrets as shown below for later use on your Django project

2. Setup Django

Run pip install django-allauth dj-rest-auth requests in other to install these packages. In the settings.py file of your app add the following code block to your

SOCIALACCOUNT_PROVIDERS = {
    'github': {
        'APP': {
            'client_id': '<github_client_id>',
            'secret': '<github_secret_keys>',
            'key': ''
        }
    }
}

SITE_ID = 1

if you wish to capture the email of an authenticated users in the admin you can include this line of code to your projects settings.py file

ACCOUNT_EMAIL_REQUIRED = True

We continue to modify our settings.py file by adding the following code block

'rest_framework',
'rest_framework.authtoken',
'dj_rest_auth',

'django.contrib.sites',

'allauth',
'allauth.account',
'allauth.socialaccount',
'allauth.socialaccount.providers.github'

in the middlesware of your settings.py file include this line of code

'allauth.account.middleware.AccountMiddleware',

Lastly we modify the projects urls.py file by adding the following code block

from allauth.socialaccount.providers.github import views as github_views

path('api/auth/github/login/', github_views.oauth2_login, name='github_login'),
path('api/auth/github/login/callback/', github_views.oauth2_callback, name='github_callback'),

NB: The modification should be done in the project's urls.py file and not the app's urls.py file

3. Test authentication endpoint

All done ? visit the endpoint http://localhost:8000/api/auth/github/login/ you should be redirected to a page like this and when you click on the Continue button you should be redirected to GitHub's authorization page

Additional consideration

You notice after a successful authentication you're been redirected to http://localhost:8000/accounts/profile/ which displays a 404 error page.

To fix this we can create an endpoint /accounts/profile to your apps urls.py file and then create a relative views for that endpoint. If your endpoint and views are setup correctly then you should now see this instead of 404 error page

Difference between dj-auth-rest and social-auth-app-django

dj-auth-rest and social-auth-app-django are both libraries used to facilitate authentication in Django projects, but they cater to different needs and operate differently

dj-auth-rest is used for an API based project while social-auth-app-django is used for a web based project and both can be used on the same project

Conclusion

Integrating GitHub OAuth into your Django application provides a secure and user-friendly way for individuals to log in using their GitHub credentials.

Using this guide, you can enhance your application's security, streamline the login process, and improve the overall user experience while accessing relevant user data.

The above is the detailed content of Using dj-rest-auth to integrate GitHub authentication in your Django project. For more information, please follow other related articles on the PHP Chinese website!