Django allauth google login with Google identity

The google sign in javascript library is being deprecated:

Warning: The Google Sign-In JavaScript platform library for Web is deprecated, and unavailable for download after March 31, 2023. The solutions in this guide are based on this library and therefore also deprecated.

Use instead the new Google Identity Services for Web solution to quickly and easily sign users into your app using their Google accounts.

By default, new client IDs are now blocked from using the older platform library; existing client IDs are unaffected. New client IDs created before July 29th, 2022 may set the plugin_name to enable use of the legacy Google platform library.

The existing oauth implementation from django-allauth requires the users to either use server-based redirect with the Oauth2.0 code or send in both the access_token and id_token for processing the login,

The implementation by google now only gives us the id_token and all the required data like name, profile picture etc. is included in the JWT token. Thus, the login fails as I am unable to send in both the access token and the id token.

There are two approaches that come to my mind for solving this:

  1. I either override the social login view and the corresponding process_login function from the allauth library and make that verify the id token and stuff in the user details from there OR
  2. Have a completely different API route that just accepts the id_token, decodes it, signs in a user and responds with the user's token from our backend.

I wanted to get some opinions on what should be the way forward for this or if there is any other possible way that I failed to account for.

Back to Top