oauth

Django allauth for social authentication

django-allauth provides ready-made social auth (Google, Facebook, GitHub, etc.). I configure providers in settings with API keys. It handles OAuth flows, token management, and account linking. Users can log in with multiple providers. I customize templ

OAuth PKCE flow (high level helper)

OAuth flows are a minefield, and PKCE is the safe default for public clients. I generate a verifier, derive a challenge, store the verifier in a short-lived session, and then exchange the authorization code for tokens. The key detail is treating the v