Gmail stands as one of the world’s most favoured and extensively utilized email services. It offers many features and functionalities that make it easy to communicate and manage your emails.
However, sometimes you may want to integrate Gmail with other applications or platforms, such as Django, a high-level Python web framework that enables rapid development and clean design. It is known for its ability to speed up the Django development process and maintain an attractive design.
By linking Gmail with Django, you can unlock even more possibilities, expanding what you can do with your emails and web applications. This integration allows you to create innovative solutions that improve your email and web experiences.
Certainly, let’s outline the prerequisites you need before you start integrating Gmail into your Django project:
✅ Django Project: You should have an existing Django project or create a new one to integrate Gmail functionality. Ensure that you have Django installed and configured in your project.
✅ Google Account: You’ll need a Google account to access the Google Cloud Console, where you’ll set up the Gmail API credentials.
✅ Google Cloud Console Project: Create a new project in the Google Cloud Console. This project will be used to enable the Gmail API and generate OAuth 2.0 credentials.
✅ Gmail API Enabled: Inside your Google Cloud Console project, ensure that the Gmail API is enabled. You have the option to activate it within the “APIs & Services” category.
✅ OAuth 2.0 Credentials: Create OAuth 2.0 Client IDs for a web application in your Google Cloud Console project. These credentials are necessary to authenticate your Django application with the Gmail API.
Google provides a wide range of scopes for its APIs. Scopes are permissions that you request from a user when they authorize your app to access their Google Account data.
The specific scopes that you need will depend on the APIs that you are using. For the Gmail API, you will need to request the gmail.readonly scope to read emails or the gmail.send scope to send emails.
Here is a list of some of the most common scopes provided by Google:
When requesting scopes, it is important to only request the scopes that you need. This will help to protect user privacy and prevent your app from being abused.
Here are some tips for requesting scopes:
In this blog, we will be using Gmail scopes for the Gmail integration.
['https://www.googleapis.com/auth/gmail.readonly',]
Creating OAuth 2.0 credentials is an essential step when you want to integrate Gmail or any other Google service into your application. These credentials are required for authentication and authorization. Here are the steps to create OAuth 2.0 credentials for your project:
Click on Create or select a project you will see the dialog box below.
Related read: What is Auth0? Features, Benefits And Its Implementation
If you don’t have an existing project, create a new one by clicking the project dropdown at the top of the console and selecting “New Project.” Give your project a meaningful name.
In the left-hand sidebar, click on “APIs & Services” and then “Library.”
In the search bar, enter “Gmail API” and choose it.
On the left-hand sidebar, select “APIs & Services,” and then choose “OAuth consent screen.”
In the left-hand sidebar, click on “APIs & Services” and then “OAuth consent screen.”
Choose whether your OAuth consent screen will be for internal or external users and proceed to configure it. Provide a name, email address, and other required information.
Specify the scopes your application will require. For Gmail integration, you may need the gmail.readonly or gmail.send scope, depending on the access your application needs.
Add authorized domains if applicable.
Save and continue to the next step.
In the left-hand sidebar, click on “APIs & Services” and then “Credentials.”
Choose the “Create Credentials” dropdown and then pick “OAuth client ID.”
Choose “Web application” as the application type.
Give your OAuth client a name.
Under “Authorized redirect URIs,” specify the callback URL that Google will send the user after authentication. This should be a URL within your Django application to handle the OAuth callback.
Click “Create.” and download Credentials.
After creating the OAuth client ID, you’ll be shown the client ID and client secret. Be sure to keep these credentials secret.
You can download the credentials as a JSON file by clicking the download icon next to your newly created OAuth client ID. This JSON file will be used in your Django application to authenticate with the Gmail API.
With these OAuth 2.0 credentials, you can now implement the OAuth 2.0 authentication flow in your Django application to allow it to request access to users’ Gmail accounts. Ensure that you securely store the client ID and client secret in your Django application’s configuration and use them in the OAuth flow to obtain access tokens for Gmail integration.
Once you go through the above steps and successfully create OAuth 2.0 credentials you need to create a Django project.
django-admin startproject project-name
Also, create an app for adding view and create a model for storing access and refreshing tokens.
python manage.py startapp app-name
class GoogleOAuth2LoginAPIView(RetrieveAPIView):
"""
Class for creating an api view for login by gmail.
"""
permission_classes = ()
authentication_classes = ()
def get(self, request, *args, **kwargs):
"""
GET function for request for google login.
"""
client_id = getenv("GOOGLE_CLIENT_ID")
client_secrete = getenv("GOOGLE_CLIENT_SECRET")
redirect_uri = getenv("GOOGLE_REDIRECT_URI")
if 'code' not in request.GET:
auth_uri = ('https://accounts.google.com/o/oauth2/v2/auth?response_type=code'
'&client_id={}&redirect_uri={}&scope={}').format(client_id, redirect_uri, SCOPES)
return redirect(auth_uri)
else:
auth_code = request.GET['code']
data = {'code': auth_code,
'client_id': client_id,
'client_secret': client_secrete,
'redirect_uri': redirect_uri,
'grant_type': 'authorization_code',
}
r = requests.post('https://oauth2.googleapis.com/token', data=data)
request.session['credentials'] = r.text
access_token_response = r.json()
headers = {'Authorization': f'Bearer {access_token_response["access_token"]}'}
personal_info_response = requests.get('https://www.googleapis.com/oauth2/v1/userinfo', headers=headers)
personal_info_response = personal_info_response.json()
print(personal_info_response)
GoogleRequestModel.objects.update_or_create(
access_token=access_token_response["access_token"],
email=personal_info_response["email"],
profile_picture=personal_info_response["picture"]
)
return Response({"message": "Successfully"})urls.py:
from django.urls import path
from .views import (
GoogleOAuth2LoginAPIView,
)
urlpatterns = [
path("googleLogin/", GoogleOAuth2LoginAPIView.as_view(), name="google-login"),
]https://98a4-2409-40c2-1034-8a3b-f4b3-fef0-63bc-74ed.ngrok-free.app/integrate/googleLogin/"
Retrieve the client ID, client secret, and redirect the URL from environment variables by using the getenv function.
It checks if the ‘code’ parameter is present in the query string of the request. If not, it constructs the authentication URL and redirects the user to Google for authentication.
If the ‘code’ parameter is present, it indicates that the user has completed the Google authentication process and is being redirected back to your application with an authorization code.
When the user returns with an authorization code, the code constructs a POST request to exchange the authorization code for an access token and potentially a refresh token. The access token and other relevant information are stored in the session for future use.
Constructs a request to the Google OAuth 2.0 user info endpoint to retrieve user information. It uses the obtained access token in the request headers. The user information, including the email address and profile picture, is extracted from the response.
Updates or creates a GoogleRequestModel object to store the user’s access token, email, and profile picture. This allows you to associate the user’s Google information with your application.
To revoke an access token, you need to make a POST request to the Google OAuth 2.0 token revocation endpoint. This endpoint allows you to invalidate an access token, effectively revoking the user’s authorization to access resources on their behalf.
class RevokeGoogleAccessTokenAPIView(RetrieveAPIView):
"""
Class for creating a revoke google access token api.
"""
permission_classes = ()
authentication_classes = ()
def get(self, request, *args, **kwargs):
"""
GET function revokes the google access token.
"""
email = request.GET.get("email", None)
if email:
google_info = GoogleRequestModel.objects.filter(email=email).last()
if google_info:
revoke_url = 'https://accounts.google.com/o/oauth2/revoke'
# Construct the token revocation request
revoke_params = {
'token': google_info.access_token
}
response = requests.post(revoke_url, params=revoke_params)
print(response.json())
if response.status_code == 200:
print("Access token revoked successfully.")
return Response({"message": "Access token revoked successfully."})
else:
print("Failed to revoke the access token.")
return Response({"message": "Failed to revoke the access token."})
else:
return Response({"message": "email address is required!"})If an email address is provided, the code attempts to fetch the latest GoogleRequestModel associated with that email address. The GoogleRequestModel likely contains the user’s access token. It constructs the URL for token revocation by appending the access token to the revocation endpoint URL.
Send a POST request to the revocation URL with the access token as a parameter. This request instructs Google to revoke the user’s authorization for your application.
The response is logged and checked for a successful status code (usually 200).
If the revocation is successful (status code 200), it logs a success message and returns a response indicating that the access token has been revoked.
If the revocation fails (status code other than 200), it logs an error message and returns a response indicating that the revocation has failed.
In conclusion, obtaining and revoking access tokens for Google Gmail accounts via OAuth 2.0 is a crucial aspect of user authentication and security in modern web applications. Here are two points I wanted to highlight.
Getting the Access Token: Access tokens are vital for accessing Google APIs on behalf of a user.
Revoking the Access Token: Token revocation is necessary for actions like user logouts, revoking access, or enhancing security.
Overall, the process of obtaining and revoking access tokens ensures that user data is accessed securely, with user consent and authorization at the forefront. Proper handling of access tokens is crucial for maintaining user privacy and protecting their data in your application. Be sure to handle access tokens securely, validate user consent, and manage token expiration and revocation effectively to ensure a safe and user-friendly experience.
Here is my GitHub repository where you can refer to the code.
Leave your competitors behind! Become an EPIC integration pro, and boost your team's efficiency.
Register Here
The Mindbowser team's professionalism consistently impressed me. Their commitment to quality shone through in every aspect of the project. They truly went the extra mile, ensuring they understood our needs perfectly and were always willing to invest the time to...
CTO, New Day Therapeutics
I collaborated with Mindbowser for several years on a complex SaaS platform project. They took over a partially completed project and successfully transformed it into a fully functional and robust platform. Throughout the entire process, the quality of their work...
President, E.B. Carlson
Mindbowser and team are professional, talented and very responsive. They got us through a challenging situation with our IOT product successfully. They will be our go to dev team going forward.
Founder, Cascada
Amazing team to work with. Very responsive and very skilled in both front and backend engineering. Looking forward to our next project together.
Co-Founder, Emerge
The team is great to work with. Very professional, on task, and efficient.
Founder, PeriopMD
I can not express enough how pleased we are with the whole team. From the first call and meeting, they took our vision and ran with it. Communication was easy and everyone was flexible to our schedule. I’m excited to...
Founder, Seeke
Mindbowser has truly been foundational in my journey from concept to design and onto that final launch phase.
CEO, KickSnap
We had very close go live timeline and Mindbowser team got us live a month before.
CEO, BuyNow WorldWide
If you want a team of great developers, I recommend them for the next project.
Founder, Teach Reach
Mindbowser built both iOS and Android apps for Mindworks, that have stood the test of time. 5 years later they still function quite beautifully. Their team always met their objectives and I'm very happy with the end result. Thank you!
Founder, Mindworks
Mindbowser has delivered a much better quality product than our previous tech vendors. Our product is stable and passed Well Architected Framework Review from AWS.
CEO, PurpleAnt
I am happy to share that we got USD 10k in cloud credits courtesy of our friends at Mindbowser. Thank you Pravin and Ayush, this means a lot to us.
CTO, Shortlist
Mindbowser is one of the reasons that our app is successful. These guys have been a great team.
Founder & CEO, MangoMirror
Kudos for all your hard work and diligence on the Telehealth platform project. You made it possible.
CEO, ThriveHealth
Mindbowser helped us build an awesome iOS app to bring balance to people’s lives.
CEO, SMILINGMIND
They were a very responsive team! Extremely easy to communicate and work with!
Founder & CEO, TotTech
We’ve had very little-to-no hiccups at all—it’s been a really pleasurable experience.
Co-Founder, TEAM8s
Mindbowser was very helpful with explaining the development process and started quickly on the project.
Executive Director of Product Development, Innovation Lab
The greatest benefit we got from Mindbowser is the expertise. Their team has developed apps in all different industries with all types of social proofs.
Co-Founder, Vesica
Mindbowser is professional, efficient and thorough.
Consultant, XPRIZE
Very committed, they create beautiful apps and are very benevolent. They have brilliant Ideas.
Founder, S.T.A.R.S of Wellness
Mindbowser was great; they listened to us a lot and helped us hone in on the actual idea of the app. They had put together fantastic wireframes for us.
Co-Founder, Flat Earth
Ayush was responsive and paired me with the best team member possible, to complete my complex vision and project. Could not be happier.
Founder, Child Life On Call
The team from Mindbowser stayed on task, asked the right questions, and completed the required tasks in a timely fashion! Strong work team!
CEO, SDOH2Health LLC
Mindbowser was easy to work with and hit the ground running, immediately feeling like part of our team.
CEO, Stealth Startup
Mindbowser was an excellent partner in developing my fitness app. They were patient, attentive, & understood my business needs. The end product exceeded my expectations. Thrilled to share it globally.
Owner, Phalanx
Mindbowser's expertise in tech, process & mobile development made them our choice for our app. The team was dedicated to the process & delivered high-quality features on time. They also gave valuable industry advice. Highly recommend them for app development...
Co-Founder, Fox&Fork
