Extensive Flask boilerplate using best practices with a focus on implementing an OAuth 2.0 client.
- OAuth 2.0 - Server-side authorization for Google, Facebook.
- Flask-Login for local authorization, using Argon2 password hashing.
- Flask app design using Blueprints and Application Factories.
- Bootstrap 4 Beta as frontend.
- SQLAlchemy ORM using relationships, constraints, joins, labels, ...
- Loading data from JSON into database.
- Flask-WTF forms with CSRF Protection, Jinja2 macros and dynamically generated QuerySelectField.
- Using Flasks built-in integration of click CLI instead of Flask-Script.
- REST API - JSON endpoints.
- Extensive error handling, logging to console and log file.
- Configuration from file.
- Unit Tests with Coverage.
- Pipenv as Python packaging tool.
There are many libraries available for OAuth 2.0 authorization.
Google's oauth2client got recently deprecated and now they recommend google-auth with OAuthLib but their docs are not yet updated.
Rauth is unmaintained.
I decided to use Flask-OAuthlib, it uses Requests-OAuthlib which is a high-level client library built on OAuthLib & Requests. Please note that Google has also just released one-tap sign-up an auto sign-in on websites.
Currently supported providers: Google, Facebook.
Update @ 2018-01-08: apparently Flask-OAuthlib is now also deprecated and will be replaced by Authlib...
Keeping the extensions to a minimum, others can be easily integrated.
Have a look in the Wiki to see how it looks.
Before you can integrate sign-in to your websites, set up your app at Google & Facebook.
Create a Google API Console project and client ID.
Authorized JavaScript origins: http://localhost:5000
Authorized redirect URIs: http://localhost:5000/oauth2/sign-in/google/authorized
Add your client_id and client_secret in myapp/oauth2/google_client_secrets.json
Create and retrieve a Facebook App ID on the App Dashboard.
Open Products > Facebook Login and enable Client OAuth Login and Web OAuth Login.
Valid OAuth redirect URIs: http://localhost:5000
Add your App ID and App Secret to myapp/oauth2/facebook_client_secrets.json
Generate your own secret keys and add them to files run_development.sh, run_testing.sh, run_testing_with_coverage.sh.
Create a virtual environment and start one of the shell scripts, this example uses Pipenv.
pip3 install --user pipenv
pipenv install #This installs everything from the pipfile.
./run_development.sh
Adding multiple ways of sign in for websites, using provider APIs, JavaScript, ... I really hope that with your contributions, we can keep improving this template.
See the LICENSE file for license rights and limitations (MIT).