Last active
August 29, 2015 14:24
-
-
Save smilli/f1457e896d4b42da9d36 to your computer and use it in GitHub Desktop.
Flask OAuth
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import os | |
from flask import Flask | |
from flask.ext.mongoengine import MongoEngine | |
app = Flask(__name__) | |
app.config["MONGODB_SETTINGS"] = {'DB': "myapp"} | |
app.config["SECRET_KEY"] = os.environ['APP_SECRET_KEY'] | |
db = MongoEngine(app) | |
if __name__ == '__main__': | |
app.run() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import json | |
from flask import url_for, session, request, redirect | |
from flask_oauthlib.client import OAuth, OAuthException | |
from flask.ext.login import login_user, current_user | |
from myapp.redirects import get_redirect_target | |
from myapp.models import User | |
oauth = OAuth() | |
facebook = oauth.remote_app('facebook', | |
'facebook', | |
consumer_key=os.environ['FACEBOOK_APP_ID'], | |
consumer_secret=os.environ['FACEBOOK_APP_SECRET'], | |
base_url='https://graph.facebook.com', | |
access_token_url='/oauth/access_token', | |
access_token_method='GET', | |
authorize_url='https://www.facebook.com/dialog/oauth', | |
request_token_params={'display': 'popup'} | |
) | |
@app.route('/login') | |
def login(): | |
callback = url_for( | |
'facebook_authorized', | |
next=get_redirect_target(), | |
_external=True | |
) | |
return facebook.authorize(callback=callback) | |
@app.route('/login/authorized') | |
def facebook_authorized(): | |
resp = facebook.authorized_response() | |
if resp is None: | |
return 'Access denied: reason=%s error=%s' % ( | |
request.args['error_reason'], | |
request.args['error_description'] | |
) | |
if isinstance(resp, OAuthException): | |
return 'Access denied: %s' % resp.message | |
me = facebook.get('/me', token=(resp['access_token'], '')) | |
user = User.objects(fb_id=me.data['id']).first() | |
if user and user.fb_token != resp['access_token']: | |
user.fb_token = resp['access_token'] | |
user.save() | |
if not user: | |
user = User( | |
fb_id=me.data['id'], | |
first_name=me.data['first_name'], | |
last_name=me.data['last_name'], | |
fb_token=resp['access_token'] | |
) | |
user.save() | |
login_user(user) | |
return json.dumps(me.data) | |
@facebook.tokengetter | |
def get_facebook_oauth_token(): | |
if current_user.is_authenticated(): | |
return (current_user.fb_token, '') | |
return None |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from myapp import db | |
from flask.ext.login import UserMixin | |
class User(UserMixin, db.Document): | |
first_name = db.StringField() | |
last_name = db.StringField() | |
email = db.StringField() | |
fb_id = db.IntField() | |
fb_token = db.StringField() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from urllib.parse import urlparse, urljoin | |
from flask import request, url_for | |
def is_safe_url(target): | |
ref_url = urlparse(request.host_url) | |
test_url = urlparse(urljoin(request.host_url, target)) | |
return test_url.scheme in ('http', 'https') and \ | |
ref_url.netloc == test_url.netloc | |
def get_redirect_target(): | |
for target in (request.values.get('next'), request.referrer): | |
if target and is_safe_url(target): | |
return target | |
return None |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment