如何解决每次使用苹果登录时,Django 都会创建新用户
通过查看此存储库的代码,我在 Django 上使用 Apple 后端实现了登录:https://github.com/truffls/sign-in-with-apple-using-django/blob/master/backend.md。
我对代码做了很少的改动,不会影响任何逻辑(比如更改声明名称等)
每次 iOS 应用使用苹果登录时,它都会奇怪地重新创建一个新用户。
class AppleOAuth2(BaSEOAuth2):
"""
Custom BaSEOAuth2 backend class for
Sign in with Apple
Usage:
Add this to AUTHENTICATION_BACKENDS on settings.py
"""
name = 'apple'
ACCESS_TOKEN_URL = 'https://appleid.apple.com/auth/token'
ScopE_SEParaTOR = ','
ID_KEY = 'uid'
@handle_http_errors
def do_auth(self,access_token,*args,**kwargs):
"""
Finish the auth process once the access_token was retrieved
Get the email from ID token received from apple
do_auth override this method as you need to verify the code or access token given
by mobile client from apple and get the ID token from which other details can be extracted.
"""
## Retrieve django project stored data
client_id,client_secret = self.get_key_and_secret()
headers = {'content-type': "application/x-www-form-urlencoded"}
data = {
'client_id' : client_id,'client_secret': client_secret,'code' : access_token,'grant_type' : 'authorization_code','redirect_uri' : 'https://example-app.com/redirect'
}
## Form data
# ID Token(= from AppleID Service)
res = requests.post(AppleOAuth2.ACCESS_TOKEN_URL,data = data,headers = headers)
response_dict = res.json()
id_token = response_dict.get('id_token',None)
# Response Data
response_data = {}
if id_token:
decoded = jwt.decode(id_token,'',verify = False)
response_data.update({'email': decoded['email']}) if 'email' in decoded else None
response_data.update({'uid': decoded['sub']}) if 'sub' in decoded else None
# Response
response = kwargs.get('response') or {}
response.update(response_data)
response.update({'access_token': access_token}) if 'access_token' not in response else None
## Authenticate
kwargs.update({'response': response,'backend': self})
return self.strategy.authenticate(*args,**kwargs)
def get_user_details(self,response):
"""
get_user_details override just to give the email address or other user
information back to the Python Social Auth framework
"""
email = response.get('email',None)
details = {
'email': email,}
return details
def get_key_and_secret(self):
"""
get_key_and_secret override this as you have to generate
the client secret the way mentioned above
:return:
- App Bundle ID
- Client Secret
"""
headers = {
'kid': settings.soCIAL_AUTH_APPLE_KEY_ID
}
payload = {
'iss': settings.soCIAL_AUTH_APPLE_TEAM_ID,'iat': timezone.Now(),'exp': timezone.Now() + timedelta(days = 180),'aud': 'https://appleid.apple.com','sub': settings.soCIAL_AUTH_APPLE_APP_BUNDLE_ID,}
client_secret = jwt.encode(
payload,settings.soCIAL_AUTH_APPLE_KEY_SECRET,algorithm = 'ES256',headers = headers
).decode("utf-8")
return settings.soCIAL_AUTH_APPLE_APP_BUNDLE_ID,client_secret
我收到来自 Apple 的错误
{'error': 'invalid_grant','error_description': 'The code has expired or has been revoked.'}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
