Add OAuth provider

backend/config/settings.py

@@ -67,6 +67,7 @@ def get_bool(key, default):
     'qr_code',
     'app',  # app has to come before allauth for template override to work
     "channels_presence",
+    'oauth2_provider',
     'allauth',
     'allauth.account',
     'allauth.socialaccount',
@@ -275,6 +276,7 @@ def get_bool(key, default):
 
     # `allauth` specific authentication methods, such as login by e-mail
     'allauth.account.auth_backends.AuthenticationBackend',
+    'oauth2_provider.backends.OAuth2Backend',
 )
 ACCOUNT_USER_MODEL_USERNAME_FIELD = None
 ACCOUNT_EMAIL_REQUIRED = True
@@ -302,6 +304,12 @@ def get_bool(key, default):
 if RECAPTCHA_SITE_KEY:
     ACCOUNT_FORMS = {'signup': 'app.forms.RecaptchaSignupForm'}
 
+OAUTH2_PROVIDER = {
+    'ACCESS_TOKEN_EXPIRE_SECONDS': None,
+    'SCOPES': {'read': 'Read scope', 'write': 'Write scope'},
+    'PKCE_REQUIRED': False,
+}
+
 # Layout
 TEMPLATE_LAYOUT = "layout.html"
 

backend/config/urls.py

@@ -20,6 +20,7 @@
 urlpatterns = [
     path('', include('app.urls')),
     path('accounts/', include('allauth.urls')),
+    path('o/', include('oauth2_provider.urls', namespace='oauth2_provider')),
     path('api/', include('api.urls')),
     path('admin/', admin.site.urls),
 ]

backend/requirements.txt

@@ -142,3 +142,4 @@ websocket-client==1.6.4 ; python_version >= '3.8'
 whitenoise[brotli]==6.6.0
 yarl==1.9.2 ; python_version >= '3.7'
 zope.interface==6.1
+django-oauth-toolkit==2.3.0