✨ Feat: [#50] 소셜 로그인 로직 구현

2025-05-12 12:01:42 +09:00
parent 170a044ff5
commit 1f7fe5203c
1 changed files with 62 additions and 0 deletions
--- a/users/views.py
+++ b/users/views.py
@@ -24,6 +24,9 @@ from portfolios.serializers import *

 from django.db import transaction

+from google.oauth2 import id_token
+from google.auth.transport import requests
+

 class RefreshAPIView(APIView):
    permission_classes = [AllowAny]
@@ -44,6 +47,65 @@ class RefreshAPIView(APIView):
        except TokenError as e:
            return Response({"message": f"Invalid token: {e}"}, status=status.HTTP_401_UNAUTHORIZED)
            
+class GoogleLoginAPIView(APIView):
+    permission_classes = [AllowAny]
+
+    @transaction.atomic
+    def post(self, request):
+        token_str = request.data.get("id_token")
+        if not token_str:
+            return Response({"message": "no id_token"}, status=status.HTTP_400_BAD_REQUEST)
+
+        try:
+            idinfo = id_token.verify_oauth2_token(
+                token_str,
+                requests.Request(),
+                settings.GOOGLE_CLIENT_ID
+            )
+        except ValueError:
+            return Response({"message": "wrong id_token"}, status=status.HTTP_400_BAD_REQUEST)
+
+        email = idinfo["email"]
+        # sub = idinfo["sub"] # Google 고유 ID
+
+        # 이미 소셜 회원가입을 한 경우, 로그인 기능.
+        if user := User.objects.filter(email=email).first():
+            # 로그인 전 쿠키에 있는 리프레시 토큰 무효화
+            try:
+                refresh = request.COOKIES.get('refresh')
+                if refresh:
+                    refresh_token = RefreshToken(refresh)
+                    refresh_token.blacklist()
+            except TokenError as e:
+                pass # 어차피 만료된거면 그냥 넘어가기
+    
+            refresh = RefreshToken.for_user(user)
+            access  = str(refresh.access_token)
+
+            res = Response(
+                    {
+                        "message": "login success",
+                        "user_id": user.id,
+                        "nickname": user.nickname,
+                        "access": access,
+                        "is_member": True,
+                        "is_custom_url": user.is_custom_url
+                    },
+                    status=status.HTTP_200_OK,
+                )
+            res.set_cookie("refresh", str(refresh), httponly=True, samesite=None, secure=not settings.DEBUG)
+            return res
+        else:
+            return Response(
+                {
+                    "message": "Not member",
+                    "email": email,
+                    "is_member": False
+                    },
+                    status=status.HTTP_200_OK
+                    )
+
+


 class JoinAPIView(APIView):