Im writing a Django application that h开发者_StackOverflow中文版as a scheduling component. I want the user to be able to see his or her appointments on their Google Calendar. The appointments are sensitive information so I cant make a publicly available .ics and use 'Add By URL' in gCal.
So Im left with asking the user for credentials and updating their gCal through the API. However Im a little wary about storing their username/pass in my database. Word on the street is this is not a good idea.
What do you think?
You're right, this is not a good idea. People don't want to give you their info and you don't want to be responsible for storing it and securing it. It's a situation that up until a few years ago was very common though. The site (like yours) doesn't REALLY want their password but you do want authorization to do something on the user's behalf.
OAuth will solve this problem for you. Basically it's a way for Google to do just that - grant you permission to act on a user's behalf without you having to ever know that user's credentials. There is plenty of documentation on how to do this but here is a good place to start: Authentication and Authorization for Google APIs
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论