simpleauth is a simple authentication wrapper for an Google App Engine app.
Supported specs:
- OAuth 2.0
- OAuth 1.0(a)
- OpenID
Supported providers out of the box:
- Google (OAuth 2.0)
- Facebook (OAuth 2.0)
- Windows Live (OAuth 2.0)
- Twitter (OAuth 1.0a)
- LinkedIn (OAuth 1.0a)
- OpenID, using App Engine users module API
Getting Started
1. Install the library on your local Mac/PC with one of:
a. "easy_install -U simpleauth"
b. "pip install simpleauth"
c. clone the source repo, e.g. "git clone git://github.com/crhym3/simpleauth.git"
2. Place the subdir called "simpleauth" into your app root.
3. You'll also need to get python-oauth2 (pip install oauth2) and httplib2 (http://code.google.com/p/httplib2/)
3. Create a request handler by subclassing SimpleAuthHandler, e.g.
class AuthHandler(SomeBaseRequestHandler, SimpleAuthHandler):
"""Authentication handler for all kinds of auth."""
def _on_signin(self, data, auth_info, provider):
"""Callback whenever a new or existing user is logging in.
data is a user info dictionary.
auth_info contains access token or oauth token and secret.
See what's in it with logging.info(data, auth_info)
"""
auth_id = auth_info['id']
# 1. check whether user exist, e.g.
# User.get_by_auth_id(auth_id)
#
# 2. create a new user if it doesn't
# User(**data).put()
#
# 3. sign in the user
# self.session['_user_id'] = auth_id
#
# 4. redirect somewhere, e.g. self.redirect('/profile')
#
# See more on how to work the above steps here:
# http://webapp-improved.appspot.com/api/webapp2_extras/auth.html
# http://code.google.com/p/webapp-improved/issues/detail?id=20
def logout(self):
self.auth.unset_session()
self.redirect('/')
def _callback_uri_for(self, provider):
return self.uri_for('auth_callback', provider=provider, _full=True)
def _get_consumer_info_for(self, provider):
"""Should return a tuple (key, secret) for auth init requests.
For OAuth 2.0 you should also return a scope, e.g.
('my app id', 'my app secret', 'email,user_about_me')
The scope depens solely on the provider.
See example/secrets.py.template
"""
return secrets.AUTH_CONFIG[provider]
Note that SimpleAuthHandler isn't a real request handler. It's up to you. For instance, SomeBaseRequestHandler could be webapp2.RequestHandler.
4. Add routing so that '/auth/PROVIDER', '/auth/PROVIDER/callback' and '/logout' requests go to your AuthHandler.
For instance, in webapp2 you could do:
# Map URLs to handlers
routes = [
Route('/auth/',
handler='handlers.AuthHandler:_simple_auth', name='auth_login'),
Route('/auth//callback',
handler='handlers.AuthHandler:_auth_callback', name='auth_callback'),
Route('/logout',
handler='handlers.AuthHandler:logout', name='logout')
]
5. That's it. See a sample app in the example dir.
To run the example app, copy example/secrets.py.template into example/secrets.py and start the app locally by executing run.sh
What is new in this release:
- CSRF protection for OAuth 2.0 http://code.google.com/p/gae-simpleauth/issues/detail?id=1
- Custom exceptions http://code.google.com/p/gae-simpleauth/issues/detail?id=2
- Example app improvements, including:
- CSRF guard
- show exception messages for demo purposes
- prettier output of session, profile data and auth_info dictionaries
- https://github.com/crhym3/simpleauth/issues/4
- https://github.com/crhym3/simpleauth/issues/5
- More useful info in README
Requirements:
- Python
- oauth2
- lxml
- httplib2
Comments not found