$30 off During Our Annual Pro Sale. View Details »

Flask-Dance

David Baumgold
November 17, 2015

 Flask-Dance

OAuth is a pain. Flask-Dance makes it better. Learn how the Flask-Dance library was created, and why it makes it easier to use OAuth-enabled APIs like Facebook, Twitter, Google, GitHub, and a lot more.

David Baumgold

November 17, 2015
Tweet

More Decks by David Baumgold

Other Decks in Technology

Transcript

  1. FLASK-DANCE
    Making OAuth Simpler
    David Baumgold // @singingwolfboy

    View Slide

  2. APIS ARE EVERYWHERE

    View Slide

  3. OAUTH IS EVERYWHERE

    View Slide

  4. OAUTH IS A PAIN

    View Slide

  5. source: http://ravi-bhide.blogspot.com/2010/05/oauth-protocol-simplified.html

    View Slide

  6. http://www.ibuildings.nl/blog/2013/03/secure-your-rest-api-oauth2-implicit-grant

    View Slide

  7. “This story is a ‘Happy Path’ scenario,
    it doesn't account for token expiry
    (Access Tokens should expire after a
    short duration) or errors signing in.
    In order to get the full details I'd
    recommend reading the RFC.

    View Slide

  8. LET’S IGNORE IT!

    View Slide

  9. View Slide

  10. ... WELL CRAP.

    View Slide

  11. HOW DO I EVEN
    OAUTH?

    View Slide

  12. View Slide

  13. Sweet!

    View Slide

  14. EASY!

    View Slide

  15. UH, OK

    View Slide

  16. HUH?

    View Slide

  17. WAT.

    View Slide

  18. FLASK-OAUTH
    ➤ Uses the oauth2 module to handle OAuth stuff

    (which only supports OAuth 1.0, not OAuth 2.0)
    ➤ Uses the httplib2 module to handle HTTP stuff

    (instead of the fabulous requests module)
    ➤ Lots of boilerplate code

    View Slide

  19. This one!

    View Slide

  20. Yay!

    View Slide

  21. WAT.

    View Slide

  22. FLASK-OAUTHLIB
    ➤ Uses the oauthlib module to handle OAuth stuff. 

    This is actually a good thing!
    ➤ Uses the terrible urllib2 module to handle HTTP stuff

    (instead of the fabulous requests module)
    ➤ Lots of boilerplate code

    View Slide

  23. FINE,
    I’LL DO IT MYSELF

    View Slide

  24. FlaskDance
    Because all the obvious names were taken.

    View Slide

  25. BASIC FLASK APP

    View Slide

  26. BASIC FLASK APP WITH TWITTER

    View Slide

  27. FLASK-DANCE
    ➤ Uses the oauthlib module to handle OAuth stuff
    ➤ Uses the requests module to handle HTTP stuff
    ➤ Uses Flask’s “blueprints” feature to reduce boilerplate code
    ➤ Sensible defaults for getting started quickly
    ➤ Useful extension points: different services, different databases
    ➤ Automated tests with 95% code coverage
    ➤ Supports the following services out of the box:
    Facebook, GitHub, Google, Twitter, JIRA,
    Dropbox, Meetup (or add your own!)

    View Slide

  28. ON TO THE DOCS
    https://flask-dance.readthedocs.org

    View Slide

  29. I NEED YOUR HELP

    View Slide

  30. WAYS YOU CAN HELP
    ➤ Try out Flask-Dance, and tell me what you think of it!
    ➤ Use it in your projects!
    ➤ Help improve the documentation!
    ➤ Add more builtin providers!
    ➤ Help build a server component!
    ➤ Tell your friends that OAuth doesn’t have to
    be painful anymore!
    ANY QUESTIONS? David Baumgold // @singingwolfboy

    View Slide