I have read the documentation here: django-rest-framework-social-oauth2, but everything is very unclear to me (It's my first time working with this).
and by the end it shows some configuration of how to do the settings to use facebook Oauth2. And there's this information on the docs:
You can test these settings by running the following command :
curl -X POST -d “grant_type=convert_token&client_id=<client_id>&client_secret=<client_secret>&backend=facebook&token=<facebook_token>” http://localhost:8000/auth/convert-token
This request returns the “access_token” that you should use on all HTTP requests with DRF. What is happening here is that we are converting a third-party access token (user_access_token) in an access token to use with your api and its clients (“access_token”). You should use this token on each and further communications between your system/application and your api to authenticate each request and avoid authenticating with FB every time.
Does it mean that with this endpoint I will be able to somehow "override" a sing up
method creating a user on my application with the same user_access_token it has on facebook?
If this is right, by my understanding. After I get the FB.getLoginStatus response, I will be able to make calls on my own API endpoints referring to the logged user with his facebook user_acess_token (That also is the same on my system).
I guess I would also need to add social accounts tokens to user models?
Am I right?
The Django REST framework OAuth package provides both OAuth1 and OAuth2 support for REST framework. This package was previously included directly in the REST framework but is now supported and maintained as a third-party package.
Django OAuth Toolkit can help you providing out of the box all the endpoints, data and logic needed to add OAuth2 capabilities to your Django projects. Django OAuth Toolkit makes extensive use of the excellent OAuthLib, so that everything is rfc-compliant. Note: If you have issues installing Django 4.0.
I could test it with a test token from facebook and it behaves as I expected like I wrote in my question.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With