# set the following in settings.py:
#
INSTALLED_APPS = ('django_openid_auth', ...) # https://launchpad.net/django-openid-auth
AUTHENTICATION_BACKENDS = ('somewhere.auth.GoogleBackend', ...)
LOGIN_URL = '/login/'
LOGIN_REDIRECT_URL = '/'
LOGOUT_URL = '/logout/'
OPENID_SSO_SERVER_URL = 'https://www.google.com/accounts/o8/id'

# urlconfs needed in urls.py
#
url(r'^login/$', 'django_openid_auth.views.login_begin', name='openid-login'),
url(r'^login-complete/$', 'django_openid_auth.views.login_complete', name='openid-complete'),
url(r'^logout/$', 'django.contrib.auth.views.logout', {'next_page': '/',}, name='logout'),


# And finally, here is auth.py
#
from django.contrib.auth.models import User
from openid.consumer.consumer import SUCCESS
from django.core.mail import mail_admins

class GoogleBackend:

  def authenticate(self, openid_response):
    if openid_response is None:
      return None
    if openid_response.status != SUCCESS:
      return None
    
    google_email = openid_response.getSigned('http://openid.net/srv/ax/1.0', 'value.email')
    google_firstname = openid_response.getSigned('http://openid.net/srv/ax/1.0', 'value.firstname')
    google_lastname = openid_response.getSigned('http://openid.net/srv/ax/1.0', 'value.lastname')
    try:
      user = User.objects.get(username=google_email)
    except User.DoesNotExist:
      # create a new user, or send a message to admins, etc.
      return None

    return user

  def get_user(self, user_id):

    try:
      return User.objects.get(pk=user_id)
    except User.DoesNotExist:
      return None