Skip to content

Github Social Authentication

Read Context

For reusability, ensure to read the discussion on context so that the environment variables that are secured can be repurposed for testing in other websites later on.

Field Value
Homepage url http://127.0.0.1:8000/
Callback url http://127.0.0.1:8000/accounts/github/login/callback
Field Value
Homepage url http://0.0.0.0:8080/
Callback url http://0.0.0.0:8080/accounts/github/login/callback

Replace start-django.fly.dev with the new site.

Field Value
Homepage url e.g. https://start-django.fly.dev
Callback url e.g. https://start-django.fly.dev/accounts/github/login/callback/

AllAuth

We need to secure the following values:

Key Value
GITHUB_ID Client id
GITHUB_KEY Client secret

This is per the configuration we set via django-allauth:

/config/settings/_auth.py
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
SOCIALACCOUNT_PROVIDERS = {
    "github": {
        "APP": {
            "client_id": env("GITHUB_ID", None),
            "secret": env("GITHUB_KEY", None),
            "key": "",
        }
    },
    ...
}

We secure these keys via the Github Console: OAuth apps

Form

Screenshot of Github oAuth pre-application

Register:

Field Value Description
Application name required Seen in consent screen
Application logo optional Badge of trust in consent screen
Homepage URL site url API key / id credential association
Authorization callback URL site url/accounts/github/login/callback/ Successful login via allauth

Credentials

Screenshot of Github oAuth post-registration

  1. Note Client id.
  2. Click on generate a Client secret.
  3. Note warning after secret generated: Make sure to copy your new client secret now. You won’t be able to see it again.
  4. Save id and secret.

Login Window

Screenshot of Github oAuth login