initial commit

Author: seanmavley

Diff for: .gitignore

@@ -0,0 +1,2 @@
+venv
+

Diff for: README.md

@@ -0,0 +1,34 @@
+# Google Oauth Django Angular
+
+This repository contains the most minimum setup needed to Authenticate via API using Django + REST Framework + Angular on the frontend.
+
+## Run the repository
+
+- Download/Clone the repository
+- Run `cd backend && pip install -r requirements`
+- Run `cd frontend && npm install`
+- Create a `environment.development.ts` file in the `src/environments/` folder and update with your Google ID
+
+```
+// environment.development.ts
+export const environment = {
+  google_id: '<YOUR_GOOGLE_ID>.apps.googleusercontent.com'
+};
+```
+
+- Create a `.env` file in the root of your django project (in this case, `backend` and update with your Google ID)
+
+```
+# .env
+GOOGLE_OAUTH2_CLIENT_ID='YOUR_GOOGLE_ID.apps.googleusercontent.com'
+GOOGLE_OAUTH2_CLIENT_SECRET='YOUR_GOOGLE_SECRET'
+```
+
+- Run both the django and angular servers
+
+```
+cd backend && python manage.py runserver
+cd frontend && ng serve
+```
+
+- Visit `http://localhost:4200` for the frontend, and visit `http://localhost:8000` for the django backend

Diff for: backend/.gitignore

@@ -0,0 +1,89 @@
+# Created by https://www.gitignore.io
+
+### OSX ###
+.DS_Store
+.AppleDouble
+.LSOverride
+
+# Icon must end with two \r
+Icon
+
+
+# Thumbnails
+._*
+
+# Files that might appear on external disk
+.Spotlight-V100
+.Trashes
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+
+
+### Python ###
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+env/
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+*.egg-info/
+.installed.cfg
+*.egg
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.coverage
+.cache
+nosetests.xml
+coverage.xml
+
+# Translations
+*.mo
+*.pot
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+target/
+
+
+### Django ###
+*.log
+*.pot
+*.pyc
+__pycache__/
+local_settings.py
+
+.env
+db.sqlite3

Diff for: backend/main/__init__.py

@@ -0,0 +1,3 @@
+from django.contrib import admin
+
+# Register your models here.

Diff for: backend/main/admin.py

@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class MainConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'main'

Diff for: backend/main/apps.py

@@ -0,0 +1,48 @@
+# Generated by Django 5.0.4 on 2024-04-25 11:09
+
+import django.contrib.auth.models
+import django.contrib.auth.validators
+import django.utils.timezone
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        ('auth', '0012_alter_user_first_name_max_length'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='User',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('password', models.CharField(max_length=128, verbose_name='password')),
+                ('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')),
+                ('is_superuser', models.BooleanField(default=False, help_text='Designates that this user has all permissions without explicitly assigning them.', verbose_name='superuser status')),
+                ('username', models.CharField(error_messages={'unique': 'A user with that username already exists.'}, help_text='Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.', max_length=150, unique=True, validators=[django.contrib.auth.validators.UnicodeUsernameValidator()], verbose_name='username')),
+                ('first_name', models.CharField(blank=True, max_length=150, verbose_name='first name')),
+                ('last_name', models.CharField(blank=True, max_length=150, verbose_name='last name')),
+                ('is_staff', models.BooleanField(default=False, help_text='Designates whether the user can log into this admin site.', verbose_name='staff status')),
+                ('is_active', models.BooleanField(default=True, help_text='Designates whether this user should be treated as active. Unselect this instead of deleting accounts.', verbose_name='active')),
+                ('date_joined', models.DateTimeField(default=django.utils.timezone.now, verbose_name='date joined')),
+                ('email', models.CharField(max_length=250, unique=True)),
+                ('registration_method', models.CharField(choices=[('email', 'Email'), ('google', 'Google')], default='email', max_length=10)),
+                ('photo', models.URLField(blank=True, default='')),
+                ('country', models.CharField(blank=True, default='', max_length=100)),
+                ('about', models.TextField(blank=True, default='')),
+                ('groups', models.ManyToManyField(blank=True, help_text='The groups this user belongs to. A user will get all permissions granted to each of their groups.', related_name='user_set', related_query_name='user', to='auth.group', verbose_name='groups')),
+                ('user_permissions', models.ManyToManyField(blank=True, help_text='Specific permissions for this user.', related_name='user_set', related_query_name='user', to='auth.permission', verbose_name='user permissions')),
+            ],
+            options={
+                'verbose_name': 'user',
+                'verbose_name_plural': 'users',
+                'abstract': False,
+            },
+            managers=[
+                ('objects', django.contrib.auth.models.UserManager()),
+            ],
+        ),
+    ]

Diff for: backend/main/migrations/0001_initial.py

@@ -0,0 +1,20 @@
+from django.contrib.auth.models import AbstractUser
+from django.db import models
+
+REGISTRATION_CHOICES = [
+    ('email', 'Email'),
+    ('google', 'Google'),
+]
+
+
+class User(AbstractUser):
+    email = models.CharField(
+        max_length=250, unique=True, null=False, blank=False)
+    registration_method = models.CharField(
+        max_length=10, choices=REGISTRATION_CHOICES, default='email')
+    photo = models.URLField(blank=True, default='')
+    country = models.CharField(max_length=100, default='', blank=True)
+    about = models.TextField(blank=True, default='')
+
+    def __str__(self):
+        return self.username

Diff for: backend/main/migrations/__init__.py

@@ -0,0 +1,10 @@
+from rest_framework import serializers
+from .models import User
+
+
+class UserSerializer(serializers.ModelSerializer):
+
+    class Meta:
+        model = User
+        fields = ['username', 'first_name', 'last_name',
+                  'email', 'country', 'about', 'photo']

Diff for: backend/main/models.py

@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.

Diff for: backend/main/serializers.py

@@ -0,0 +1,7 @@
+from django.urls import path
+from main.views import GoogleLoginApi
+
+urlpatterns = [
+      path("login/google/", GoogleLoginApi.as_view(), 
+         name="login-with-google"),
+]

Diff for: backend/main/tests.py

@@ -0,0 +1,94 @@
+import os
+from rest_framework.views import APIView
+from rest_framework_simplejwt.serializers import TokenObtainPairSerializer
+from rest_framework.response import Response
+from .models import User
+from .serializers import UserSerializer
+from google.oauth2 import id_token
+from google.auth.transport import requests
+from rest_framework import status
+import django.utils.timezone as timezone
+from rest_framework.permissions import AllowAny, IsAuthenticated
+from django.contrib.auth import get_user_model
+from .serializers import UserSerializer
+
+
+CLIENT_ID = os.environ.get('GOOGLE_OAUTH2_CLIENT_ID')
+
+
+def generate_tokens_for_user(user):
+    """
+    Generate access and refresh tokens for the given user
+    """
+    serializer = TokenObtainPairSerializer()
+    token_data = serializer.get_token(user)
+    access_token = token_data.access_token
+    refresh_token = token_data
+    return access_token, refresh_token
+
+
+class GoogleLoginApi(APIView):
+    permission_classes = [AllowAny]
+
+    def get(request, *args, **kwargs):
+        return Response({
+            'message': 'Response'
+        }, status=status.HTTP_200_OK)
+
+    def post(self, request, *args, **kwargs):
+        google_jwt = request.data.get('jwt')
+        try:
+            # Specify the CLIENT_ID of the app that accesses the backend:
+            idinfo = id_token.verify_oauth2_token(
+                google_jwt, requests.Request(), CLIENT_ID)
+
+            if idinfo['iss'] not in ['accounts.google.com', 'https://accounts.google.com']:
+                raise ValueError('Wrong issuer.')
+
+            # ID token is valid. Get the user's Google Account ID from the decoded token.
+            user_id = idinfo['sub']
+            user_email = idinfo['email']
+            # Verify that the access token is valid for this app.
+            if idinfo['aud'] != CLIENT_ID:
+                raise ValueError('Wrong client ID.')
+
+            # Check if user exists in the database
+            try:
+                user = User.objects.get(email=user_email)
+                user.last_login = timezone.now()
+                user.save()
+                # Generate access and refresh tokens for the user
+                access_token, refresh_token = generate_tokens_for_user(user)
+                response_data = {
+                    'user': UserSerializer(user).data,
+                    'access_token': str(access_token),
+                    'refresh_token': str(refresh_token)
+                }
+                return Response(response_data)
+            except User.DoesNotExist:
+                username = user_email.split('@')[0]
+                first_name = idinfo.get('given_name', '')
+                last_name = idinfo.get('family_name', '')
+                photo = idinfo.get('photoUrl', '')
+
+                user = User.objects.create(
+                    username=username,
+                    email=user_email,
+                    first_name=first_name,
+                    last_name=last_name,
+                    registration_method='google',
+                    photo=photo,
+                )
+
+                access_token, refresh_token = generate_tokens_for_user(user)
+                response_data = {
+                    'user': UserSerializer(user).data,
+                    'access_token': str(access_token),
+                    'refresh_token': str(refresh_token)
+                }
+                return Response(response_data)
+
+        except ValueError:
+            return Response({
+                'error': 'Invalid token'
+            }, status=status.HTTP_400_BAD_REQUEST)

Diff for: backend/main/urls.py

@@ -0,0 +1,22 @@
+#!/usr/bin/env python
+"""Django's command-line utility for administrative tasks."""
+import os
+import sys
+
+
+def main():
+    """Run administrative tasks."""
+    os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'project.settings')
+    try:
+        from django.core.management import execute_from_command_line
+    except ImportError as exc:
+        raise ImportError(
+            "Couldn't import Django. Are you sure it's installed and "
+            "available on your PYTHONPATH environment variable? Did you "
+            "forget to activate a virtual environment?"
+        ) from exc
+    execute_from_command_line(sys.argv)
+
+
+if __name__ == '__main__':
+    main()

Diff for: backend/main/views.py

@@ -0,0 +1,16 @@
+"""
+ASGI config for project project.
+
+It exposes the ASGI callable as a module-level variable named ``application``.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/5.0/howto/deployment/asgi/
+"""
+
+import os
+
+from django.core.asgi import get_asgi_application
+
+os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'project.settings')
+
+application = get_asgi_application()