Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Flask-Dance

David Baumgold
November 17, 2015

 Flask-Dance

OAuth is a pain. Flask-Dance makes it better. Learn how the Flask-Dance library was created, and why it makes it easier to use OAuth-enabled APIs like Facebook, Twitter, Google, GitHub, and a lot more.

David Baumgold

November 17, 2015
Tweet

More Decks by David Baumgold

Other Decks in Technology

Transcript

  1. “This story is a ‘Happy Path’ scenario, it doesn't account

    for token expiry (Access Tokens should expire after a short duration) or errors signing in. In order to get the full details I'd recommend reading the RFC.
  2. FLASK-OAUTH ➤ Uses the oauth2 module to handle OAuth stuff


    (which only supports OAuth 1.0, not OAuth 2.0) ➤ Uses the httplib2 module to handle HTTP stuff
 (instead of the fabulous requests module) ➤ Lots of boilerplate code
  3. FLASK-OAUTHLIB ➤ Uses the oauthlib module to handle OAuth stuff.

    
 This is actually a good thing! ➤ Uses the terrible urllib2 module to handle HTTP stuff
 (instead of the fabulous requests module) ➤ Lots of boilerplate code
  4. FLASK-DANCE ➤ Uses the oauthlib module to handle OAuth stuff

    ➤ Uses the requests module to handle HTTP stuff ➤ Uses Flask’s “blueprints” feature to reduce boilerplate code ➤ Sensible defaults for getting started quickly ➤ Useful extension points: different services, different databases ➤ Automated tests with 95% code coverage ➤ Supports the following services out of the box: Facebook, GitHub, Google, Twitter, JIRA, Dropbox, Meetup (or add your own!)
  5. WAYS YOU CAN HELP ➤ Try out Flask-Dance, and tell

    me what you think of it! ➤ Use it in your projects! ➤ Help improve the documentation! ➤ Add more builtin providers! ➤ Help build a server component! ➤ Tell your friends that OAuth doesn’t have to be painful anymore! ANY QUESTIONS? David Baumgold // @singingwolfboy