
Change Google My Business authentication mechanism

Mohidul Islam %!s(int64=5) %!d(string=hai) anos
pai
achega
b39c3b7359
Modificáronse 6 ficheiros con 71 adicións e 42 borrados
  1. 1 1
      gauth/admin.py
  2. 31 29
      gauth/auth_utils.py
  3. 23 0
      gauth/migrations/0012_auto_20200512_1212.py
  4. 2 0
      gauth/models.py
  5. 1 2
      gauth/urls.py
  6. 13 10
      gauth/views.py

+ 1 - 1
gauth/admin.py

@@ -4,7 +4,7 @@ from django.contrib.auth.models import Group
 
 
 class UserModelAdmin(admin.ModelAdmin):
-    list_display = ['user', 'refresh_token', 'gmb_account_id']
+    list_display = ['user', 'access_token', 'expiry', 'refresh_token', 'gmb_account_id']
 
 
 class LocationsAdmin(admin.ModelAdmin):
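Review bot: Adding `access_token` to `list_display` on `UserModelAdmin` prints a live bearer token in clear text in the admin changelist, next to the `refresh_token` column that was already there. Anyone with view permission on this model then holds a usable credential, and so does any screenshot or cached copy of the page. I would list only non-secret columns, `list_display = ['user', 'expiry', 'gmb_account_id']`. If the tokens must stay reachable through the admin at all, keep them out of the list view and make them read-only or excluded on the change form.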

+ 31 - 29
gauth/auth_utils.py

@@ -5,12 +5,22 @@ from django.conf import settings
 from .models import UserModel
 from requests import get
 
-ACCESS_TOKEN_URI = settings.HOST_URI + '/gmb_access_token/token/access_toke_of_user'
+
+def get_access_token(user_model):
+    if user_model.expiry > timezone.now():
+        return user_model.access_token
+    else:
+        access_token, expires_in = refresh_access_token(user_model.refresh_token)
+        user_model.access_token = access_token
+        user_model.expiry = timezone.now() + timezone.timedelta(seconds=expires_in)
+        user_model.save()
+        return access_token
 
 
 def get_auth_header():
-    # Make a header with access key for making request in google-my-business server.
-    access_token = get(ACCESS_TOKEN_URI).text
+    user = User.objects.get(username='admin@ercare')
+    user_model = UserModel.objects.get(user=user)
+    access_token = get_access_token(user_model)
     headers = {
         'authorization': 'Bearer ' + access_token,
         'content-type': 'application/json'
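Review bot: `get_access_token` evaluates `user_model.expiry > timezone.now()`, but the new `expiry` and `access_token` fields are nullable, so any row that existed before migration 0012 raises `TypeError` on first use instead of falling through to a refresh. Guard the cached path with `if user_model.access_token and user_model.expiry and user_model.expiry > timezone.now():`. A token that expires a moment after this check is still sent, so subtracting a small margin from `expiry` is worth considering. `get_auth_header` uses `.get()` on a hard-coded username and raises `DoesNotExist` if either row is missing; its callers are not visible here, so confirm they handle that.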
@@ -18,36 +28,28 @@ def get_auth_header():
     return headers
 
 
-def has_expired(credentials):
-    expiry_time = credentials['expiry']
-    now = str(timezone.datetime.now())
-    return now > expiry_time
+# def has_expired(credentials):
+#     expiry_time = credentials['expiry']
+#     now = str(timezone.datetime.now())
+#     return now > expiry_time
 
 
-def get_access_token(request):
-    if 'credentials' in request.session and not has_expired(request.session['credentials']):
-        cred = request.session['credentials']
-        return cred['access_token']
-    access_token, expires_in = refresh_access_token()
-    expired_at = timezone.datetime.now() + timezone.timedelta(seconds=expires_in)
-    expiry = str(expired_at)
-    credentials = {
-        'access_token': access_token,
-        'expiry': expiry
-    }
-    request.session['credentials'] = credentials
-    return credentials['access_token']
-
+# def get_access_token(request):
+#     if 'credentials' in request.session and not has_expired(request.session['credentials']):
+#         cred = request.session['credentials']
+#         return cred['access_token']
+#     access_token, expires_in = refresh_access_token()
+#     expired_at = timezone.datetime.now() + timezone.timedelta(seconds=expires_in)
+#     expiry = str(expired_at)
+#     credentials = {
+#         'access_token': access_token,
+#         'expiry': expiry
+#     }
+#     request.session['credentials'] = credentials
+#     return credentials['access_token']
 
-def refresh_access_token():
-    user = User.objects.filter(username='admin@ercare').first()
-    uid = user.id
-    user = UserModel.objects.filter(pk=uid).first()
-    if user:
-        refresh_token = user.refresh_token
-    else:
-        return None
 
+def refresh_access_token(refresh_token):
     client_id = settings.CLIENT_ID
     client_secret = settings.CLIENT_SECRET
     token_uri = settings.TOKEN_URI
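Review bot: The old `has_expired` and the session-based `get_access_token` are commented out rather than removed, so the file now carries a dead second definition of `get_access_token`. The same is done to `credentials_to_dict` and the session assignment in gauth/views.py. Delete these blocks; the history keeps the old version. `refresh_access_token(refresh_token)` also has a new signature and no docstring, so I would add `"""Exchange refresh_token at settings.TOKEN_URI and return (access_token, expires_in)."""`. That wording assumes the return shape implied by the unpacking in the new `get_access_token`, since the function body continues outside this hunk.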

+ 23 - 0
gauth/migrations/0012_auto_20200512_1212.py

@@ -0,0 +1,23 @@
+# Generated by Django 3.0.4 on 2020-05-12 06:12
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('gauth', '0011_auto_20200304_1707'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='usermodel',
+            name='access_token',
+            field=models.CharField(blank=True, max_length=255, null=True),
+        ),
+        migrations.AddField(
+            model_name='usermodel',
+            name='expiry',
+            field=models.DateTimeField(blank=True, null=True),
+        ),
+    ]

+ 2 - 0
gauth/models.py

@@ -6,6 +6,8 @@ class UserModel(models.Model):
     user = models.OneToOneField(User, on_delete=models.CASCADE, related_name='token_of')
     refresh_token = models.CharField(max_length=120, null=True, blank=True)
     gmb_account_id = models.CharField(max_length=30, null=True, blank=True)
+    access_token = models.CharField(max_length=255, null=True, blank=True)
+    expiry = models.DateTimeField(null=True, blank=True)
 
     def __str__(self):
         return self.user.username
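Review bot: `access_token` is declared as `CharField(max_length=255)`, which is probably too short: as far as I know Google documents access tokens of up to 2048 bytes. On a database that enforces the length, the `save()` in `get_access_token` would fail or store a truncated token. `access_token = models.TextField(null=True, blank=True)` avoids the limit and needs the matching change in migration 0012. Both tokens are also kept as plain text in this table, so access to it should be restricted, and the columns encrypted if the project has a helper for that.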

+ 1 - 2
gauth/urls.py

@@ -1,8 +1,7 @@
 from django.urls import path
-from .views import google_auth, authorize, oauth2callback, get_token
+from .views import google_auth, authorize, oauth2callback
 
 urlpatterns = [
-    path('gmb_access_token/token/access_toke_of_user', get_token, name='token'),
     path('gmb-authenticate/', google_auth, name='gmb-auth'),
     path('authorize', authorize, name='authorize'),
     path('oauth2callback', oauth2callback, name='oauth2callback'),

+ 13 - 10
gauth/views.py

@@ -20,9 +20,10 @@ flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file(
 
 
 def get_token(request):
-    get_access_token(request)
-    cred = request.session['credentials']
-    return HttpResponse(cred.get('access_token'))
+    user = User.objects.get(username='admin@ercare')
+    user_model = UserModel.objects.get(user=user)
+    access_token = get_access_token(user_model)
+    return HttpResponse(access_token)
 
 
 @login_required
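Review bot: `get_token` still writes the bearer token into the response body, and no `@login_required` is visible on it in this hunk. gauth/urls.py drops its route and its import in this commit, so the view is now unreachable code that would expose the stored token again if it were ever routed. Remove the function instead of rewriting it. If it has to stay for debugging, put `@login_required` on it and limit it to staff users.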
@@ -55,14 +56,16 @@ def oauth2callback(request):
     user_model, created = UserModel.objects.get_or_create(user=user)
     user_model.refresh_token = credentials.refresh_token
     user_model.gmb_account_id = account_id
+    user_model.access_token = credentials.token
+    user_model.expiry = credentials.expiry
     user_model.save()
-    request.session['credentials'] = credentials_to_dict(credentials)
+    # request.session['credentials'] = credentials_to_dict(credentials)
     return redirect('token')
 
 
-def credentials_to_dict(credentials):
-    expiry = str(credentials.expiry.utcnow())
-    return {
-        'access_token': credentials.token,
-        'expiry': expiry
-    }
+# def credentials_to_dict(credentials):
+#     expiry = str(credentials.expiry.utcnow())
+#     return {
+#         'access_token': credentials.token,
+#         'expiry': expiry
+#     }
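Review bot: `return redirect('token')` at the end of `oauth2callback` still names the URL pattern `token`, which this commit deletes from gauth/urls.py, so the OAuth callback will raise `NoReverseMatch` right after saving the tokens. Redirect to a route that still exists, for example `return redirect('gmb-auth')`, or to whichever page should follow authorisation. Separately, `credentials.expiry` from google-auth is, as far as I know, a naive UTC datetime, so it should be made timezone-aware before it is stored and later compared with `timezone.now()`. `oauth2callback` starts outside this hunk.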