Social authentication for your apps (OAuth 2)
Introduction
Social authentication for your Masonite app (OAuth 2).
Features
- Officially supports GitHub, GitLab, BitBucket, Google, Apple and Facebook providers
Official Masonite Documentation
New to Masonite? Please first read the Official Documentation. Masonite strives to have extremely comprehensive documentation 😃. It would be wise to go through the tutorials there. If you find any discrepancies or anything that doesn't make sense, be sure to comment directly on the documentation to start a discussion!
Hop on Masonite Discord Community to ask any questions you need!
Installation
pip install masonite-oauth2
Configuration
Add OAuthProvider to your project in config/providers.py:
# config/providers.py
# ...
from masonite.oauth import OAuthProvider

# ...
PROVIDERS = [
    # ...
    # Third Party Providers
    OAuthProvider,
    # ...
]
Then you can publish the configuration file to your project:
python craft package:publish oauth
Finally you will need to add credentials for the OAuth providers your application utilizes.
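# config/oauth.py
from masonite.environment import env

# credentials are read from the environment, not hard-coded in the file
DRIVERS = {
    "github": {
        "client_id": env("GITHUB_CLIENT_ID"),
        "client_secret": env("GITHUB_CLIENT_SECRET"),
        "redirect": "auth.callback",
    }
}
redirect can be a route name or a path.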
Configuration of your OAuth app:
Then you should create an OAuth App on your provider dashboard. Here are some links:
- GitHub:
- GitLab:
- BitBucket (Atlassian): you must first create a workspace and then in Settings add an OAuth consumer here https://bitbucket.org/{your-workspace-slug}/workspace/settings/api
- ...
Usage
To authenticate users using an OAuth provider, you will need two routes: one for redirecting the user to the OAuth provider, and another for receiving the callback from the provider after authentication.
In your controller, you can then easily access the OAuth facade methods:
- redirect() redirects the user to the OAuth provider's endpoint.
- user() is called in the callback route that the user is redirected to after entering their credentials on the OAuth provider screen. This method returns an OAuthUser instance containing user information.
from masonite.controllers import Controller
from masonite.oauth import OAuth


class YourController(Controller):
    def auth(self):
        # send the user to the provider's authorization screen
        return OAuth.driver("github").redirect()

    def callback(self):
        # build an OAuthUser from the provider's callback
        user = OAuth.driver("github").user()
        # you now have a user object with data and a token
Get user data
When retrieving user data with the user() method, you will get an OAuthUser with the following fields:
- id
- name
- nickname
- avatar
- token
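One way to map the OAuthUser from the callback onto a local account, shown as an added example that is not part of the package: the account is keyed on the provider name plus the provider's id, never on name or nickname, which can change or collide across providers. Account and AccountDirectory are hypothetical names, and oauth_user is any object carrying the fields listed above.

```python
from dataclasses import dataclass, field
from itertools import count


@dataclass
class Account:
    """Local account record (constructed for this example)."""
    local_id: int
    display_name: str
    identities: set = field(default_factory=set)  # {(provider, provider_user_id)}


class AccountDirectory:
    """In-memory stand-in for a users table, indexed by (provider, id)."""

    def __init__(self):
        self._by_identity = {}
        self._ids = count(1)

    def sign_in(self, provider, oauth_user):
        """Return (account, created) for the OAuthUser received in a callback."""
        if oauth_user.id in (None, ""):
            raise ValueError("provider returned no user id")
        # An id is only unique within its provider, and it may arrive as an
        # int or a str, so the key is (provider, str(id)).
        key = (provider, str(oauth_user.id))
        account = self._by_identity.get(key)
        if account is not None:
            # name and nickname are display data only; refresh the local copy
            account.display_name = oauth_user.name or oauth_user.nickname
            return account, False
        account = Account(next(self._ids), oauth_user.name or oauth_user.nickname, {key})
        self._by_identity[key] = account
        return account, True
```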
Get user data from a token
If you already have a valid access token for a user, you can retrieve user data using user_from_token():
user = OAuth.driver("github").user_from_token(token)
Scopes
OAuth providers have default scopes used when redirecting to the OAuth provider screen:
- GitHub: user:email
- BitBucket: email
- Gitlab: read_user
- Google: openid, profile, email
- Apple: name, email
- Facebook: email
You can add new scopes in the redirect request by using the scopes() method (merged with default scopes):
user = OAuth.driver("github").scopes(["admin:org", "read:discussion"]).redirect()
# scopes will be: user:email, admin:org, read:discussion
You can override all scopes in the redirect request by using the set_scopes() method:
user = OAuth.driver("github").set_scopes(["user:email", "user:follow"]).redirect()
# scopes will be: user:email, user:follow
Optional parameters
Some OAuth providers support optional parameters. To include those in the redirect request, you can use the with_data() method.
return OAuth.driver("github").with_data({"key": "value"})
Refresh token
Some OAuth providers support refreshing tokens (GitLab, BitBucket and Google at least). For that you need a refresh_token obtained when calling user():
new_user = OAuth.driver("gitlab").refresh(user.refresh_token)
new_user.token  # is a new token
Revoke token programmatically
Some OAuth providers support revoking tokens programmatically. For that you need to pass the token to the revoke() method:
revoked = OAuth.driver("gitlab").revoke(token)
It returns a boolean indicating whether the revocation was successful.
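The refresh and revoke calls from the two sections above, wired into a server-side token lifecycle as an added example that is not part of the package. TokenLifecycle, StoredTokens, fingerprint and the dict-based store are hypothetical; driver is any object exposing refresh() and revoke() as documented above, and a refresh_token attribute on the refreshed user is an assumption.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Optional


def fingerprint(token: str) -> str:
    """Short, non-reversible label for a token, safe to write to logs."""
    return hashlib.sha256(token.encode()).hexdigest()[:12]


@dataclass
class StoredTokens:
    """Server-side token record for one local user (constructed type)."""
    access_token: str
    refresh_token: Optional[str] = None


@dataclass
class TokenLifecycle:
    driver: object   # e.g. OAuth.driver("gitlab"); needs refresh() and revoke()
    store: dict      # hypothetical storage: local user id -> StoredTokens
    pending_revocation: list = field(default_factory=list)

    def rotate(self, user_id) -> str:
        """Swap the stored tokens for refreshed ones; return a log-safe label."""
        current = self.store[user_id]
        if not current.refresh_token:
            raise LookupError("no refresh token stored; the user must sign in again")
        new_user = self.driver.refresh(current.refresh_token)
        # Assumption: the refreshed user may carry a rotated refresh token;
        # fall back to the previous one when it does not.
        rotated = getattr(new_user, "refresh_token", None) or current.refresh_token
        self.store[user_id] = StoredTokens(new_user.token, rotated)
        return fingerprint(new_user.token)

    def sign_out(self, user_id) -> bool:
        """Drop local tokens and revoke at the provider; queue failures for retry."""
        current = self.store.pop(user_id, None)
        if current is None:
            return True
        revoked = bool(self.driver.revoke(current.access_token))
        if not revoked:
            # revoke() returned False: the token is still live at the provider
            self.pending_revocation.append(current.access_token)
        return revoked
```

Tokens left in pending_revocation are still valid at the provider, so a retry job should keep calling revoke() on them until it returns True.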
Contributing
Please read the Contributing Documentation here. Feel free to open a PR to add a new OAuth 2.0 provider 😀 !
Maintainers
Credits
Based on the no longer maintained package https://github.com/hellomasonite/masonite-socialite.
License
Masonite oauth is open-sourced software licensed under the MIT license.
File details
Details for the file masonite-oauth2-1.2.0.tar.gz.
File metadata
- Download URL: masonite-oauth2-1.2.0.tar.gz
- Upload date:
- Size: 27.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.8.0 pkginfo/1.8.2 readme-renderer/34.0 requests/2.27.1 requests-toolbelt/0.9.1 urllib3/1.26.9 tqdm/4.63.0 importlib-metadata/4.11.3 keyring/23.5.0 rfc3986/2.0.0 colorama/0.4.4 CPython/3.10.2
File hashes
Algorithm | Hash digest
---|---
SHA256 | a03a97eb64942da33b78988e85c19cf6bc0611188d09cdb4ca91bf6062638ac6
MD5 | d6d9c8bc8df89363e3b2a1986501ff89
BLAKE2b-256 | ecd7283ecf67a36de1702f056a5820e603997c33329d31adf8a1c882ed2922f6
File details
Details for the file masonite_oauth2-1.2.0-py3-none-any.whl.
File metadata
- Download URL: masonite_oauth2-1.2.0-py3-none-any.whl
- Upload date:
- Size: 15.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.8.0 pkginfo/1.8.2 readme-renderer/34.0 requests/2.27.1 requests-toolbelt/0.9.1 urllib3/1.26.9 tqdm/4.63.0 importlib-metadata/4.11.3 keyring/23.5.0 rfc3986/2.0.0 colorama/0.4.4 CPython/3.10.2
File hashes
Algorithm | Hash digest
---|---
SHA256 | 0b833cef70575194644d4e098c56ec9041df1a965387d57a7c21be1a59d1d7c2
MD5 | fb15776c9ba33c932cdf774475de5a4a
BLAKE2b-256 | da6984bc53dba7f60593361f38488f932f0752420ab6732683020bef15b7c7ae