def authenticate(self, request):
token = self.get_jwt_value(request)
if token is None:
return None, None
try:
idinfo = client.verify_id_token(token, settings.GOOGLE_AUTH_KEY)
if idinfo['iss'] not in ['accounts.google.com',
'https://accounts.google.com']:
raise crypt.AppIdentityError("Wrong issuer.")
if idinfo.get('hd') != settings.GOOGLE_AUTH_HOSTED_DOMAIN:
raise crypt.AppIdentityError("Wrong hosted domain.")
except crypt.AppIdentityError as e:
raise exceptions.AuthenticationFailed(e)
defaults = {
'email': idinfo['email'],
'first_name': idinfo['given_name'],
'last_name': idinfo['family_name'],
}
user, created = get_user_model().objects.get_or_create(
username=idinfo['email'], defaults=defaults,
)
return user, idinfo
评论列表
文章目录
