Doing the OAuth dance with style using Flask, requests, and oauthlib
Project description
Flask-Dance
Doing the OAuth dance with style using Flask, requests, and oauthlib. Currently, only OAuth consumers are supported, but this project could easily support OAuth providers in the future, as well. The full documentation for this project is hosted on ReadTheDocs, but this README will give you a taste of the features.
Flask-Dance currently provides pre-set OAuth configurations for the following popular websites:
Facebook
GitHub
GitLab
Google
Twitter
JIRA
Dropbox
Meetup
Slack
Azure AD
Nylas
Spotify
Discord
Installation
Just the basics:
$ pip install Flask-Dance
Or if you’re planning on using the SQLAlchemy backend:
$ pip install Flask-Dance[sqla]
Quickstart
If you want your users to be able to log in to your app from any of the websites listed above, you’ve got it easy. Here’s an example using GitHub:
from flask import Flask, redirect, url_for
from werkzeug.contrib.fixers import ProxyFix
from flask_dance.contrib.github import make_github_blueprint, github
app = Flask(__name__)
app.wsgi_app = ProxyFix(app.wsgi_app)
app.secret_key = "supersekrit"
blueprint = make_github_blueprint(
client_id="my-key-here",
client_secret="my-secret-here",
)
app.register_blueprint(blueprint, url_prefix="/login")
@app.route("/")
def index():
if not github.authorized:
return redirect(url_for("github.login"))
resp = github.get("/user")
assert resp.ok
return "You are @{login} on GitHub".format(login=resp.json()["login"])
if __name__ == "__main__":
app.run()
If you’re itching to try it out, check out the flask-dance-github example repository, with detailed instructions for how to run this code.
The github object is a context local, just like flask.request. That means that you can import it in any Python file you want, and use it in the context of an incoming HTTP request. If you’ve split your Flask app up into multiple different files, feel free to import this object in any of your files, and use it just like you would use the requests module.
You can also use Flask-Dance with any OAuth provider you’d like, not just the pre-set configurations. See the documentation for how to use other OAuth providers.
Backends
By default, OAuth access tokens are stored in Flask’s session object. This means that if the user ever clears their browser cookies, they will have to go through the OAuth dance again, which is not good. You’re better off storing access tokens in a database or some other persistent store, and Flask-Dance has support for swapping out the storage backend. For example, if you’re using SQLAlchemy, just set it up like this:
from flask_sqlalchemy import SQLAlchemy
from flask_dance.consumer.backend.sqla import OAuthConsumerMixin, SQLAlchemyBackend
db = SQLAlchemy()
class User(db.Model):
id = db.Column(db.Integer, primary_key=True)
# ... other columns as needed
class OAuth(OAuthConsumerMixin, db.Model):
user_id = db.Column(db.Integer, db.ForeignKey(User.id))
user = db.relationship(User)
# get_current_user() is a function that returns the current logged in user
blueprint.backend = SQLAlchemyBackend(OAuth, db.session, user=get_current_user)
The SQLAlchemy backend seamlessly integrates with Flask-SQLAlchemy, as well as Flask-Login for user management, and Flask-Caching for caching.
Full Documentation
This README provides just a taste of what Flask-Dance is capable of. To see more, read the documentation on ReadTheDocs.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distributions
Hashes for Flask_Dance-1.2.0-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 6474bb6ca859007df5b855ce389d66237a53342143fb28ebf226306bc34faa62 |
|
MD5 | e8cd61561eb65a8d5aeaed3dd237858f |
|
BLAKE2b-256 | 2f402ceb42af6e17f9c3e82d72d537984c06bad017716830aa422e34d1d75361 |