Django enable Multi-Tenant Social Login (tenants provide their own OAuth2 credentials)

I have a multi-tenant Django app created using the django-tenants package. My social login is handled by python-social-auth (more precisely drf_social_oauth2).

I'd like to allow tenants to provide their own Google OAuth2 credentials (client_id & client_secret) and authenticate using those. This way, the tenant has the ability to control who's allowed to use social login, e.g. restrict login to their "internal users".

Is there any way I can inject tenants' Google OAuth2 credentials in ConvertTokenView() based on what schema the request is made from?

Example pseudocode:

class ConvertTokenView(request):

  def post(self, request):
    tenant = get tenant based on schema
    backend.set_client_id(tenant.google_client_id)
    backend.set_client_secret(tenant.google_client_secret)
    backend.authenticate(request.body)
  
    return tokenResponse

Alternatively, I was thinking about dynamically modifying the following two settings.py settings:

# these are global, but i'd like each tenant to have their own creds
SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = "<google_client_id>"
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = "<google_client_secret>"

This alternative method does not work, because these settings are only read on Django server startup.

EDIT: Added more context, added pseudocode

Вернуться на верх