@@ -141,7 +141,7 @@ def login_google():
141141
142142# Handle Google OAuth callback
143143@router .get ("/auth/google" )
144- def auth (session : SessionDep , code : str , response : Response ):
144+ def google_oauth (session : SessionDep , code : str , response : Response ):
145145 token_url = "https://oauth2.googleapis.com/token"
146146 token_data = {
147147 "code" : code ,
@@ -206,3 +206,73 @@ def auth(session: SessionDep, code: str, response: Response):
206206 httponly = True ,
207207 )
208208 return response
209+
210+
211+ # Handle Github OAuth callback
212+ @router .get ("/auth/github" )
213+ def github_oauth (session : SessionDep , code : str , response : Response ):
214+ token_url = "https://github.com/login/oauth/access_token"
215+ token_data = {
216+ "code" : code ,
217+ "client_id" : settings .GITHUB_CLIENT_ID ,
218+ "client_secret" : settings .GITHUB_CLIENT_SECRET ,
219+ }
220+ headers = {"Accept" : "application/json" }
221+
222+ token_r = requests .post (token_url , data = token_data , headers = headers )
223+ token_json = token_r .json ()
224+ if "error" in token_json :
225+ raise HTTPException (
226+ status_code = 400 , detail = "Failed to retrieve token from Github"
227+ )
228+ access_token = token_json ["access_token" ]
229+ # Get user info from Github
230+ user_info = requests .get (
231+ "https://api.github.com/user" ,
232+ headers = {"Authorization" : f"Bearer { access_token } },
233+ ).json ()
234+
235+ user_emails = requests .get (
236+ "https://api.github.com/user/emails" ,
237+ headers = {"Authorization" : f"Bearer { access_token } },
238+ ).json ()
239+
240+ # Check if the user already exists
241+ user = crud .get_user_by_email (session = session , email = user_emails [0 ]["email" ])
242+ access_token_expires = timedelta (minutes = settings .ACCESS_TOKEN_EXPIRE_MINUTES )
243+ if user :
244+ response = RedirectResponse ("http://localhost:3000/dashboard" )
245+ response .set_cookie (
246+ key = "access_token" ,
247+ value = security .create_access_token (
248+ user .id , expires_delta = access_token_expires
249+ ),
250+ httponly = True ,
251+ )
252+ return response
253+
254+ # Check if the app is open for new user registration
255+ if not settings .USERS_OPEN_REGISTRATION :
256+ raise HTTPException (
257+ status_code = 403 ,
258+ detail = "Open user registration is forbidden on this server" ,
259+ )
260+ # Create a new user
261+ user_create = UserCreateOauth .model_validate (
262+ {
263+ "email" : user_emails [0 ]["email" ],
264+ "is_active" : True ,
265+ "is_superuser" : False ,
266+ "full_name" : user_info ["login" ],
267+ "provider" : "github" ,
268+ }
269+ )
270+ user = crud .create_user_oauth (session = session , user_create = user_create )
271+
272+ response = RedirectResponse ("http://localhost:3000/dashboard" )
273+ response .set_cookie (
274+ key = "access_token" ,
275+ value = security .create_access_token (user .id , expires_delta = access_token_expires ),
276+ httponly = True ,
277+ )
278+ return response
0 commit comments