Looking to implement social authentication in our application with LinkedIn, Google, Facebook. I'm currently using flask-security to help manage users/roles in our application. I'm looking for some guidance on best practices with Flask/Flask-Security and Social Authentication.
I've seen the flask-social plugin, but I'd like to have the option of local form-based login, too.
So far, I'm planning on writing a new login view implementation for flask-security that can determine whether I'm using a social site (via passing a query parameter when user clicks on "login with XYZ") for the login. After social authentication occurs, I was planning on running the regular flask-security login to set all the appropriate session tokens and user and roles so the @login_required decorator will continue to work.
I didn't really see any hooks for overriding the login view function in flask-security, so I'm planning on either 1) copying the existing implementation into my own app or 2) calling flask_security_views::login.
However, I'm wondering if there's some of this that's already been implemented somewhere, or a better start. It seems like I'm really going to be cutting up a lot of existing code.
Thanks
Mark Hildreth is correct.
flask-social allows you to log in via a form (username/password) or via social. So you can use it in conjunction with flask-security, flask-login, or whatever password-based authentication you want. I have used flask-social in conjunction with flask-security and can confirm they work quite well together.
flask-social links each User
object to zero or more additional social accounts, which are stored in a separate table/datastore. Thus, it does not replace the existing password infrastructure...it just augments the User
model and adds additional social methods to also allow for the user to log in alternatively via social accounts.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With