Google OAuth Login
Login or sign up using Google OAuth.
Response
Error Cases
- Missing Token: access_token field is required
- Invalid Token: Google access token is invalid or expired
- No Email: Google account doesn't have an email address
- API Error: Error communicating with Google API
How It Works
- Client obtains Google OAuth access token from Google
- Client sends the access token to this endpoint
- Server verifies the token with Google API
- Server creates or links the user account
- Server returns JWT tokens for authentication
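Step 3 and the error cases above, sketched as an added example (not this project's server code). It assumes the "Google API" is Google's tokeninfo endpoint and adds two checks the page does not describe: the token's aud must equal your client ID, and email_verified must be true before an existing account is linked by email. The names verify_google_token, fetch_tokeninfo, GoogleLoginError, SAMPLE and demo, and the "not verified" message, are made up for illustration.

```python
import json
import urllib.error
import urllib.parse
import urllib.request

TOKENINFO_URL = "https://oauth2.googleapis.com/tokeninfo"
# Constructed tokeninfo reply for offline use; every value is a placeholder.
SAMPLE = {"aud": "YOUR_GOOGLE_CLIENT_ID", "expires_in": "3599",
          "email": "Alice@Example.com", "email_verified": "true"}

class GoogleLoginError(Exception):
    """Hypothetical exception carrying one of the page's error messages."""

def fetch_tokeninfo(access_token):
    """Ask Google about the token; returns (http_status, parsed_json)."""
    url = TOKENINFO_URL + "?" + urllib.parse.urlencode({"access_token": access_token})
    try:
        with urllib.request.urlopen(url, timeout=5) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:  # Google answered with an error status
        return err.code, {}
    except (OSError, ValueError) as err:  # network failure, timeout or bad JSON
        raise GoogleLoginError("Error communicating with Google API") from err

def verify_google_token(access_token, client_id, fetch=fetch_tokeninfo):
    """Return the verified, lower-cased email or raise GoogleLoginError."""
    if not access_token:
        raise GoogleLoginError("access_token field is required")
    status, info = fetch(access_token)
    if status >= 500:
        raise GoogleLoginError("Error communicating with Google API")
    expires = str(info.get("expires_in", "0"))
    if status != 200 or not expires.isdigit() or int(expires) <= 0:
        raise GoogleLoginError("Google access token is invalid or expired")
    # Added check: the token must have been issued to this app's client ID.
    if info.get("aud") != client_id:
        raise GoogleLoginError("Google access token is invalid or expired")
    email = info.get("email")
    if not email:
        raise GoogleLoginError("Google account doesn't have an email address")
    # Added check (message is not one of the page's): tokeninfo sends "true".
    if str(info.get("email_verified")).lower() != "true":
        raise GoogleLoginError("Google email address is not verified")
    return email.lower()

def demo():
    """Run the checks against SAMPLE without any network access."""
    return verify_google_token("constructed-token", "YOUR_GOOGLE_CLIENT_ID",
                               fetch=lambda _token: (200, SAMPLE))
```

Without the aud comparison, an access token that a user granted to any other Google OAuth client would pass verification here and yield JWTs for that user's account.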
Getting Google Access Token
Frontend (JavaScript)
// Using Google Sign-In SDK
google.accounts.oauth2.initTokenClient({
  client_id: 'YOUR_GOOGLE_CLIENT_ID',
  scope: 'email profile',
  callback: (response) => {
    const accessToken = response.access_token;
    // Send accessToken to /api/users/google-login/
  }
}).requestAccessToken();
OAuth Playground (Testing)
- Go to Google OAuth Playground
- Select "Google OAuth2 API v2" → "userinfo.email" and "userinfo.profile"
- Authorize and exchange for tokens
- Use the access token in your API request
Notes
- If the user doesn't exist, a new account will be created automatically
- The account is automatically activated (is_active=True)
- If a user with the same email exists, the Google account will be linked
- The user's profile image (image_url) is set from Google's profile picture on sign-up and updated on each Google sign-in
- JWT tokens work the same as regular email/password login
- The Google access token is only used for verification, not stored