Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/fusionauth/fusionauth-example-flask-portal

A user portal written in python/flask, using FusionAuth as the user data store
https://github.com/fusionauth/fusionauth-example-flask-portal

example flask-portal fusionauth oauth2 pkce python

Last synced: about 2 months ago
JSON representation

A user portal written in python/flask, using FusionAuth as the user data store

Host: GitHub
URL: https://github.com/fusionauth/fusionauth-example-flask-portal
Owner: FusionAuth
License: apache-2.0
Created: 2020-08-31T18:15:23.000Z (over 4 years ago)
Default Branch: main
Last Pushed: 2024-07-28T05:54:54.000Z (5 months ago)
Last Synced: 2024-07-28T06:45:36.909Z (5 months ago)
Topics: example, flask-portal, fusionauth, oauth2, pkce, python
Language: Python
Homepage:
Size: 28.3 KB
Stars: 7
Watchers: 13
Forks: 4
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS

Awesome Lists containing this project

README

# Flask user portal

This user portal allows you to read and update a user's registration.data field, which is an arbitrary key value store in FusionAuth.

You can read the full blog post here: https://fusionauth.io/blog/2020/09/10/building-profile-portal-with-flask-oauth-apis

This application will use an OAuth Authorization Code workflow and the PKCE extension to log users in and store the access token securely. PKCE stands for Proof Key for Code Exchange, and is often pronounced “pixie”.

We will use Requests-OAuthlib to handle all our OAuth2.0 authorization requests. This library utilizes the Python Requests and OAuthlib libraries to provide an easy-to-use Python interface for building OAuth1 and OAuth2 clients.
You can read the docs for more information here: https://requests-oauthlib.readthedocs.io/en/latest/

Requests-OAuthlib library does not support pkce. As a workaround, we will append our pkce parameters to the authorization requests generated by
the library. We will need to do it a couple of times, first when we are sending an authorization code request and second during the code
exchange process. Other than that, our requirements for this application are being met by this library.
## Prerequisites

You need to make sure FusionAuth is running and that you have python3/pip3 available.

## Setup

* `python3 -m venv venv`
* `. venv/bin/activate`
* `pip3 install Flask`
* `pip3 install requests_oauthlib`
* `pip3 install fusionauth-client`
* `pip3 install pkce`
* `pip3 install requests`
* create an application in FusionAuth:
* Set the redirect url to `http://localhost:5000/callback`
* Set the logout url to `http://localhost:5000`
* Follow form creation as documented here: https://fusionauth.io/blog/2020/08/27/advanced-registration-form and note the form id
* Create an API key
* `cp samplesettings.py settings.py`
* Update `settings.py` with your values

## Running
To run this:

`OAUTHLIB_INSECURE_TRANSPORT=1 FLASK_APP=oauth.py python3 -m flask run`

Visit the application at http://localhost:5000

## To leave venv

run `deactivate` to leave the venv environment.