When I was building Flask Ahoy! I wanted to use Twitter as the login provider. I could spend a while boring you about why (as opposed to say Google, Facebook, OpenID or Roll-Your-Own), but I'l save that for another exciting post.
I have used the extremely handy Flask-OAuth to do all the legwork so you need to install that:
Next we need some html for users to click on to sign in and sign out. Try this simple block :
Next the real code begins. In your views module you need three views:
- One to send you off to Twitter to get authorized (login)
- One to get the callback from Twitter and store your authorization credentials (twitter_authorized)
- One to log you out and tidy up (logout)
Finally we need a special little method which remembers your credentials:
Now for the sake of safety I'm going to point out a couple of things here:
- This scenario uses flask sessions (encrypted cookies) to store your Twitter OAuth token.
- When you logout, you are only destroying the twitter_user flag, you should probably destroy your credentials as well.
Good luck fellow travelers.