This repository provides a succinct overview of implementing OAuth2 authentication within Django, emphasizing its seamless integration with the User, Group, Permission, and ContentTypes APIs.
The first thing to do is to clone the repository:
git clone https://github.com/shanathvemula/test_oauth2.git
cd test_oauth2
Create a virtual environment to install dependencies in and activate it:
# Creating virtual environment
python -m venv venv
# In cmd.exe
venv\Scripts\activate.bat
Then install the dependencies:
(venv)$ pip install -r requirements.txt
Note the (venv) in front of the prompt. This indicates that this terminal session operates in a virtual environment set up by venv.
Once pip has finished downloading the dependencies.
By default the project connects to a sqlite3 database. To connect to PostgreSQL, remove:
DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.sqlite3',
        'NAME': BASE_DIR / 'db.sqlite3',
    }
}
Add:
DATABASES = {
    'default': {
        'ENGINE': 'django_tenants.postgresql_backend',
        'NAME': '<Database Name>',
        'USER': '<postgres username>',
        'PASSWORD': '<postgres password>',
        'HOST': '<postgres host address>',
        'PORT': <postgres port>
    }
}
Run these commands in CMD:
(venv)$ python manage.py makemigrations
(venv)$ python manage.py migrate
(venv)$ python manage.py createsuperuser
Username (leave blank to use '---'): <Enter username>
Email address:<Enter email address>
Password: <Enter Password>
Password (again): <Enter Password Again>
(venv)$ python manage.py runserver
And navigate to http://127.0.0.1:8000.
Endpoints:
1. admin/
2. o/
3. contenttypes/
4. permissions/
5. groups/
6. groups/<pk>
7. user_list/
8. user_create/
9. users/<username>
10. check_permission/
Admin Panel http://127.0.0.1:8000/admin
Authorization Endpoints
Here you need to save the Client id and Client secret for the token generation.
Enter a name.
Select Client type as Confidential.
Select Authorization grant type as Resource owner password-based.
Once the save button is clicked, the Client secret is stored as a hash, so copy it before saving.
Click the save button.
URL : http://127.0.0.1:8000/o/token/
Request Method: POST
payload:
grant_type = password
username = <username>
password = <password>
client_id = <client_id>
client_secret = <client_secret>
Example cURL Code:
curl --location 'http://127.0.0.1:8000/o/token/' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'username=<username>' \
--data-urlencode 'password=<password>' \
--data-urlencode 'client_id=PkKyETl9a98VCTxR4b2jMBwGQNjnGRSizFCdOGvl' \
--data-urlencode 'client_secret=cgyKqn2NG3ys5Dp7WcoliDadw858cUxUlAiZ2TGnrzGrSHes6aa3fxd0hNGi4YRGWnd1SFy6xhM57ycAzkMr2gd8lVytyN9Ea1Soc6qIfEH89CsrksoiO6thq1FEMfHn'
Example Output:
{
"access_token": "UuOSEQSPz53uE04SMdzbS4VGPXDxjZ",
"expires_in": 36000,
"token_type": "Bearer",
"scope": "read write groups",
"refresh_token": "hqhPDjmsTs9l92ILdKaHl25vx6FO0y"
}
This access_token is used for authorization.
Pass the access_token in the request headers as shown below:
Authorization: Bearer <access_token>
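The token exchange above as a small Python client, added here as an example and not taken from the repository. It assumes the token endpoint accepts the client credentials in an HTTP Basic header (RFC 6749 section 2.3.1) instead of the form body, which keeps the client secret out of the request payload and out of curl command lines; the function names are hypothetical.

```python
import base64
import json
import time
import urllib.parse
import urllib.request

TOKEN_URL = "http://127.0.0.1:8000/o/token/"  # token endpoint from this README
SAMPLE_RESPONSE = (  # example output shown in this README, embedded to run offline
    '{"access_token": "UuOSEQSPz53uE04SMdzbS4VGPXDxjZ", "expires_in": 36000, '
    '"token_type": "Bearer", "scope": "read write groups", '
    '"refresh_token": "hqhPDjmsTs9l92ILdKaHl25vx6FO0y"}'
)


def build_token_request(username, password, client_id, client_secret, url=TOKEN_URL):
    """Password-grant POST with the client authenticated in a Basic header."""
    # RFC 6749 section 2.3.1: form-encode both values, join with ':', base64.
    pair = ":".join(urllib.parse.quote_plus(v) for v in (client_id, client_secret))
    basic = base64.b64encode(pair.encode()).decode()
    form = {"grant_type": "password", "username": username, "password": password}
    body = urllib.parse.urlencode(form).encode()
    headers = {"Authorization": "Basic " + basic,
               "Content-Type": "application/x-www-form-urlencoded"}
    return urllib.request.Request(url, data=body, headers=headers, method="POST")


def parse_token_response(raw, now=None):
    """Check the token JSON and turn expires_in into an absolute expiry time."""
    tok = json.loads(raw)
    if tok.get("token_type", "").lower() != "bearer" or not tok.get("access_token"):
        raise ValueError("unexpected token response")
    now = time.time() if now is None else now
    return {"access_token": tok["access_token"],
            "refresh_token": tok.get("refresh_token"),
            "scopes": set(tok.get("scope", "").split()),
            "expires_at": now + int(tok["expires_in"])}


def auth_header(token, now=None, skew=30):
    """Bearer header for API calls; refuses a token at or near its expiry."""
    now = time.time() if now is None else now
    if now >= token["expires_at"] - skew:
        raise RuntimeError("access token expired; request a new one")
    return {"Authorization": "Bearer " + token["access_token"]}


if __name__ == "__main__":
    token = parse_token_response(SAMPLE_RESPONSE)
    print(sorted(token["scopes"]), auth_header(token))
```

To call the server, pass the request from build_token_request to urllib.request.urlopen and feed the response body to parse_token_response, reading the credentials from environment variables rather than from source code.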
URL : http://127.0.0.1:8000/contenttypes/
Request Method: GET
Headers:
Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ
Example cURL Code:
curl --location 'http://127.0.0.1:8000/contenttypes/' \
--header 'Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ'
URL : http://127.0.0.1:8000/contenttypes/
Request Method: POST
Headers:
Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ
payload:
{
"app_label": "<App Label>",
"model": "<model>"
}
Example cURL Code:
curl --location 'http://127.0.0.1:8000/contenttypes/' \
--header 'Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ' \
--header 'Content-Type: application/json' \
--data '{
"app_label": "<App Label>",
"model": "<model>"
}'
URL : http://127.0.0.1:8000/permissions/
Request Method: GET
Headers:
Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ
Example cURL Code:
curl --location 'http://127.0.0.1:8000/permissions/' \
--header 'Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ'
URL : http://127.0.0.1:8000/permissions/
Request Method: POST
Headers:
Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ
payload:
{
"name": "<Permission Name>",
"codename": "<Permission codename>",
"content_type": <Content Type Id>
}
Example cURL Code:
curl --location 'http://127.0.0.1:8000/permissions/' \
--header 'Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ' \
--header 'Content-Type: application/json' \
--data '{
"name": "<Permission Name>",
"codename": "<Permission codename>",
"content_type": <Content Type Id>
}'
URL : http://127.0.0.1:8000/groups/
Request Method: GET
Headers:
Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ
Example cURL Code:
curl --location 'http://127.0.0.1:8000/groups/' \
--header 'Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ'
URL : http://127.0.0.1:8000/groups/
Request Method: POST
Headers:
Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ
payload:
{
"name": "<Name of Group>",
"permissions": []
}
Example cURL Code:
curl --location 'http://127.0.0.1:8000/groups/' \
--header 'Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ' \
--header 'Content-Type: application/json' \
--data '{
"name": "<Name of Group>",
"permissions": []
}'
URL : http://127.0.0.1:8000/groups/<pk(id)>
Request Method: GET
Headers:
Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ
Example cURL Code:
curl --location 'http://127.0.0.1:8000/groups/<pk(id)>' \
--header 'Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ'
URL : http://127.0.0.1:8000/groups/<pk(id)>
Request Method: PUT
Headers:
Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ
payload:
{
"name": "<Name of Group>",
"permissions": [<Permission Ids>]
}
Example cURL code:
curl --location --request PUT 'http://127.0.0.1:8000/groups/<pk(id)>' \
--header 'Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ' \
--header 'Content-Type: application/json' \
--data '{
"name": "<Name of Group>",
"permissions": [<Permission Ids>]
}'
URL : http://127.0.0.1:8000/groups/<pk(id)>
Request Method: DELETE
Headers:
Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ
Example cURL code:
curl --location --request DELETE 'http://127.0.0.1:8000/groups/<pk(id)>' \
--header 'Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ' \
--header 'Content-Type: application/json'
URL : http://127.0.0.1:8000/user_list/
Request Method: GET
Headers:
Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ
Example cURL Code:
curl --location 'http://127.0.0.1:8000/user_list/' \
--header 'Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ'
URL : http://127.0.0.1:8000/user_create/
Request Method: POST
Headers:
Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ
payload:
{
"password": "<password>",
"username": "<username>",
"first_name": "<First Name>",
"last_name": "<Last Name>",
"email": "<Email ID>",
"groups": [<Assigning roles(group ids)>],
"user_permissions": [<Assigning permissions(permission id)>]
}
Example cURL Code:
curl --location 'http://127.0.0.1:8000/user_create/' \
--header 'Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ' \
--header 'Content-Type: application/json' \
--data-raw '{
"password": "<password>",
"username": "<username>",
"first_name": "<First Name>",
"last_name": "<Last Name>",
"email": "<Email ID>",
"groups": [<Assigning roles(group ids)>],
"user_permissions": [<Assigning permissions(permission id)>]
}'
Updating User
Pass the data for the fields that are to be updated.
URL : http://127.0.0.1:8000/users/<username>
Request Method: PUT
Headers:
Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ
payload:
{
"password": "<Password>",
"first_name": "<First Name>",
"last_name": "<Last Name>",
"email": "<Email>",
"groups": [<Assigning roles(group ids)>],
"user_permissions": [<Assigning permissions(permission id)>]
}
Example cURL Code:
curl --location --request PUT 'http://127.0.0.1:8000/users/<username>' \
--header 'Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ' \
--header 'Content-Type: application/json' \
--data-raw '{
"password": "<Password>",
"first_name": "<First Name>",
"last_name": "<Last Name>",
"email": "<Email>",
"groups": [<Assigning roles(group ids)>],
"user_permissions": [<Assigning permissions(permission id)>]
}'
URL : http://127.0.0.1:8000/users/<username>
Request Method: DELETE
Headers:
Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ
Example cURL Code:
curl --location --request DELETE 'http://127.0.0.1:8000/users/<username>' \
--header 'Authorization: Bearer 1FxEHf647kC0fxawTzgz3htBKftM4B' \
--header 'Content-Type: application/json'
URL : http://127.0.0.1:8000/check_permission/
Request Method: POST
Headers:
Authorization: Bearer UuOSEQSPz53uE04SMdzbS4VGPXDxjZ
payload:
{
"permission": "<Permission codename>"
}
Example cURL Code:
curl --location 'http://localhost:8000/check_permission/' \
--header 'Authorization: Bearer ZH0SGfRGdfZQAQNs6RmqpW9GvJlZcB' \
--header 'Content-Type: application/json' \
--data '{
"permission": "add_task"
}'