simpleauth 0.1.3

A simple auth handler for Google App Engine supporting OAuth 1.0a, 2.0 and OpenID
simpleauth is a simple authentication wrapper for an Google App Engine app.

Supported specs:
  - OAuth 2.0
  - OAuth 1.0(a)
  - OpenID

Supported providers out of the box:
  - Google (OAuth 2.0)
  - Facebook (OAuth 2.0)
  - Windows Live (OAuth 2.0)
  - Twitter (OAuth 1.0a)
  - LinkedIn (OAuth 1.0a)
  - OpenID, using App Engine users module API

Getting Started

1. Install the library on your local Mac/PC with one of:

  a. "easy_install -U simpleauth"
  b. "pip install simpleauth"
  c. clone the source repo, e.g. "git clone git://github.com/crhym3/simpleauth.git"

2. Place the subdir called "simpleauth" into your app root.

3. You'll also need to get python-oauth2 (pip install oauth2) and httplib2 (http://code.google.com/p/httplib2/)

3. Create a request handler by subclassing SimpleAuthHandler, e.g.

   class AuthHandler(SomeBaseRequestHandler, SimpleAuthHandler):
     """Authentication handler for all kinds of auth."""

     def _on_signin(self, data, auth_info, provider):
       """Callback whenever a new or existing user is logging in.
       data is a user info dictionary.
       auth_info contains access token or oauth token and secret.

       See what's in it with logging.info(data, auth_info)
       """

       auth_id = auth_info['id']

       # 1. check whether user exist, e.g.
       #    User.get_by_auth_id(auth_id)
       #
       # 2. create a new user if it doesn't
       #    User(**data).put()
       #
       # 3. sign in the user
       #    self.session['_user_id'] = auth_id
       #
       # 4. redirect somewhere, e.g. self.redirect('/profile')
       #
       # See more on how to work the above steps here:
       # http://webapp-improved.appspot.com/api/webapp2_extras/auth.html
       # http://code.google.com/p/webapp-improved/issues/detail?id=20


     def logout(self):
       self.auth.unset_session()
       self.redirect('/')

     def _callback_uri_for(self, provider):
       return self.uri_for('auth_callback', provider=provider, _full=True)

     def _get_consumer_info_for(self, provider):
       """Should return a tuple (key, secret) for auth init requests.
       For OAuth 2.0 you should also return a scope, e.g.
       ('my app id', 'my app secret', 'email,user_about_me')

       The scope depens solely on the provider.
       See example/secrets.py.template
       """
       return secrets.AUTH_CONFIG[provider]


Note that SimpleAuthHandler isn't a real request handler. It's up to you. For instance, SomeBaseRequestHandler could be webapp2.RequestHandler.

4. Add routing so that '/auth/PROVIDER', '/auth/PROVIDER/callback' and '/logout' requests go to your AuthHandler.

   For instance, in webapp2 you could do:

   # Map URLs to handlers
   routes = [
     Route('/auth/',
       handler='handlers.AuthHandler:_simple_auth', name='auth_login'),
     Route('/auth//callback',
       handler='handlers.AuthHandler:_auth_callback', name='auth_callback'),
     Route('/logout',
       handler='handlers.AuthHandler:logout', name='logout')
   ]


5. That's it. See a sample app in the example dir.

To run the example app, copy example/secrets.py.template into example/secrets.py and start the app locally by executing run.sh

last updated on:
September 24th, 2012, 21:04 GMT
price:
FREE!
developed by:
Alex Vagin
homepage:
simpleauth.appspot.com
license type:
MIT/X Consortium License 
category:
ROOT \ Internet \ HTTP (WWW)
simpleauth
Download Button

In a hurry? Add it to your Download Basket!

user rating

UNRATED
0.0/5
 

0/5

Rate it!
What's New in This Release:
  • CSRF protection for OAuth 2.0 http://code.google.com/p/gae-simpleauth/issues/detail?id=1
  • Custom exceptions http://code.google.com/p/gae-simpleauth/issues/detail?id=2
  • Example app improvements, including:
  • CSRF guard
read full changelog

Add your review!

SUBMIT