i have react-django app, i’m using djoser with simplejwt for auth, and seperate have google auth, problem is that when i first time auth with google is creating new account and returning access with refresh and user, but this tokens are not valid, after auth on client i getting navigate to home page and is autofetching data with access token on header, but i get https://i.sstatic.net/pFatvYfg.png
on react i have reauth from rtk query, i trying to get new access token, but i get response
{"detail":"Token has wrong type","code":"token_not_valid"}
but if i login after that is working fine, this problem i get only when first time create account with google and returning access with refresh tokens, and they are not valids
here is code my code
settings
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
#installed apps below
'usersAuth',
'novel',
'payment',
'corsheaders',
'rest_framework',
'rest_framework_simplejwt',
'rest_framework_simplejwt.token_blacklist',
'djoser',
]
REST_FRAMEWORK = {
'DEFAULT_FILTER_BACKENDS': ['django_filters.rest_framework.DjangoFilterBackend'],
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework_simplejwt.authentication.JWTAuthentication',
)
}
SIMPLE_JWT = {
'AUTH_HEADER_TYPES': ('JWT',),
'ACCESS_TOKEN_LIFETIME': timedelta(minutes=30),
'REFRESH_TOKEN_LIFETIME': timedelta(days=1),
'SIGNING_KEY': SECRET_KEY,
'VERIFYING_KEY': None
}
DJOSER = {
'LOGIN_FIELD': 'email',
'PASSWORD_CHANGED_EMAIL_CONFIRMATION': True,
'PASSWORD_RESET_CONFIRM_URL': 'password/reset/confirm/{uid}/{token}',
'ACTIVATION_URL': 'activate/{uid}/{token}',
'SEND_ACTIVATION_EMAIL': True,
'SEND_CONFIRMATION_EMAIL': True,
'PASSWORD_RESET_SHOW_EMAIL_NOT_FOUND': True,
'SERIALIZERS': {
'user_create': 'usersAuth.serializers.UserCreateSerializer',
'user': 'usersAuth.serializers.UserCreateSerializer',
'user_delete': 'djoser.serializers.UserDeleteSerializer',
'activation': 'usersAuth.serializers.MyActivationSerializer',
}
}
views
class LoginWithGoogle(APIView):
def post(self, request):
if 'code' in request.data.keys():
code = request.data['code']
id_token = get_id_token(code)
user_email = id_token['email']
try: # if user already exist in database
user = AppUser.objects.get(email=user_email)
refresh = get_jwt_token(user)
serializer = UserGoogleSerialzer(user)
return Response({'refresh': str(refresh),
'access': str(refresh.access_token),
'user': serializer.data
})
except AppUser.DoesNotExist:
return Response({
"id_token": id_token
}, status=status.HTTP_200_OK)
if ('id_token' in request.data.keys()) and ('username' in request.data.keys()):
user = AppUser.objects.create_user(
username=request.data['username'],
email=request.data['id_token']['email'],
img_url=request.data['id_token']['picture'],
provider='google'
)
refresh = get_jwt_token(user)
serializer = UserGoogleSerialzer(user)
return Response({
'access': str(refresh),
'refresh': str(refresh.access_token),
'user': serializer.data
}, status=status.HTTP_200_OK)
return Response(status=status.HTTP_400_BAD_REQUEST)
utils
def get_jwt_token(user):
token = RefreshToken.for_user(user)
return token
def get_id_token(code):
CLIENT_SECRET_FILE = 'client_secret.json'
# Exchange auth code for access token, refresh token, and ID token
credentials = client.credentials_from_clientsecrets_and_code(
CLIENT_SECRET_FILE,
[
'https://www.googleapis.com/auth/userinfo.email',
'https://www.googleapis.com/auth/userinfo.profile',
'openid', 'email', 'profile'
],
code
)
return credentials.id_token