flaskGitzella

Best Flask open-source libraries and packages

Flask oauth2 boilerplate
Extensive Flask boilerplate using best practices with a focus on implementing an OAuth 2.0 client.
JFA Soetens
Updated 10 months ago

Flask OAuth2 Boilerplate

Extensive Flask boilerplate using best practices with a focus on implementing an OAuth 2.0 client.

Features

  • OAuth 2.0 - Server-side authorization for Google, Facebook.
  • Flask-Login for local authorization, using Argon2 password hashing.
  • Flask app design using Blueprints and Application Factories.
  • Bootstrap 4 Beta as frontend.
  • SQLAlchemy ORM using relationships, constraints, joins, labels, ...
  • Loading data from JSON into database.
  • Flask-WTF forms with CSRF Protection, Jinja2 macros and dynamically generated QuerySelectField.
  • Using Flasks built-in integration of click CLI instead of Flask-Script.
  • REST API - JSON endpoints.
  • Extensive error handling, logging to console and log file.
  • Configuration from file.
  • Unit Tests with Coverage.
  • Pipenv as Python packaging tool.

OAuth 2.0 Client

There are many libraries available for OAuth 2.0 authorization. Google's oauth2client got recently deprecated and now they recommend google-auth with OAuthLib but their docs are not yet updated. Rauth is unmaintained. I decided to use Flask-OAuthlib, it uses Requests-OAuthlib which is a high-level client library built on OAuthLib & Requests. Please note that Google has also just released one-tap sign-up an auto sign-in on websites.
Currently supported providers: Google, Facebook.

Update @ 2018-01-08: apparently Flask-OAuthlib is now also deprecated and will be replaced by Authlib...

Flask Extensions

Keeping the extensions to a minimum, others can be easily integrated.

User Experience

Have a look in the Wiki to see how it looks.

Getting Started

Before you can integrate sign-in to your websites, set up your app at Google & Facebook.

Google

Create a Google API Console project and client ID.
Authorized JavaScript origins: http://localhost:5000
Authorized redirect URIs: http://localhost:5000/oauth2/sign-in/google/authorized
Add your client_id and client_secret in myapp/oauth2/google_client_secrets.json

Facebook

Create and retrieve a Facebook App ID on the App Dashboard.
Open Products > Facebook Login and enable Client OAuth Login and Web OAuth Login.
Valid OAuth redirect URIs: http://localhost:5000
Add your App ID and App Secret to myapp/oauth2/facebook_client_secrets.json

Set your Secret Keys

Generate your own secret keys and add them to files run_development.sh, run_testing.sh, run_testing_with_coverage.sh.

Run the Development Web Server

Create a virtual environment and start one of the shell scripts, this example uses Pipenv.

pip3 install --user pipenv
pipenv install #This installs everything from the pipfile.
./run_development.sh

What is next?

Adding multiple ways of sign in for websites, using provider APIs, JavaScript, ... I really hope that with your contributions, we can keep improving this template.

License

See the LICENSE file for license rights and limitations (MIT).

Tags oauth2 python oauth
Package Owner
jsoetens
JFA Soetens
 Gitzella Github
Package Info
View on Github
Homepage
Package Tags