This repository has been archived by the owner on Dec 26, 2023. It is now read-only.
Fix OAuth authentication issue with drf_social_oauth2 #9
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This PR addresses the OAuth authentication issue with
drf_social_oauth2
in the Django project. Users were unable to properly authenticate and login using OAuth providers like Facebook and Google. The issue was caused by invalid OAuth credentials, incorrect middleware setup, app whitelisting/validation issues, and potential CSRF validation problems.The following changes were made to resolve the issue:
drf_social_oauth2
middleware in theMIDDLEWARE
andAUTHENTICATION_BACKENDS
settings.ALLOWED_HOSTS
andCSRF_TRUSTED_ORIGINS
settings to correctly whitelist the app domains/origins in the OAuth providers.OAuth2CallbackView
csrf_exempt
to address any potential CSRF validation issues when redirecting back from the OAuth provider.Summary of Changes
drf_social_oauth2
middleware.ALLOWED_HOSTS
andCSRF_TRUSTED_ORIGINS
settings.OAuth2CallbackView
csrf_exempt
.This PR aims to fix the OAuth authentication issue and ensure that users can properly authenticate and login using OAuth providers in the Django project.
Fixes #6.
To checkout this PR branch, run the following command in your terminal:
To get Sweep to edit this pull request, leave a comment below or in the code. Leaving a comment in the code will only modify the file but commenting below can change the entire PR.