Using Google Login With Flask (Overview)
In this course, you’ll work through the creation of a Flask web application. Your application will allow a user to log in using their Google identity instead of creating a new account. There are tons of benefits to this method of user management: it’s safer and simpler than managing traditional username and password combinations.
By the end of this course, you’ll be able to:
- Create a Flask web application that lets users log in with Google
- Create client credentials to interact with Google
- Use Flask-Login for user session management in a Flask application
- Better understand OAuth 2 and OpenID Connect (OIDC)
00:00 Welcome to this course on using Google login with a Flask web application. My name is Douglas Starnes. I’m a tech author and speaker from Memphis, Tennessee. I also run several user groups in the area—including a Python user group—and help organize a few conferences.
00:16 And I’m a Microsoft Most Valuable Professional for Developer Technologies.
00:21 Here’s what will be covered in this course. First, you’ll meet Google login, a way to authenticate users with a Google account. You’ll need to tell Google about your app and set up a developer environment.
00:33 This course will use Visual Studio Code. A database is a necessary part of most web apps. Then, you’ll start building the Flask web app to find the endpoints the app will need and take it for a spin. And of course, we’ll wrap up with some suggestions to expand upon and improve the demo app.
00:52 On the modern web, many apps allow you to personalize your preferences or store data. To know what data or features to make available, the app will require users to log in, generally with a username and password.
01:05 And as more and more apps depend on logins, the number of usernames and passwords a user has to manage becomes unbearable. This can be simplified by integrating Google login with a web app. By leveraging Google login, a user logs in with their Google account credentials and gains access to the web app. This course will show you how to build a web app using the Flask framework.
01:26 The app will have users log in with a Google account instead of a username and password specific to the app. It reduces a lot of the burden on the app as Google is now responsible for managing and securing logins. Features like password resets and even two-factor authentication come along for free.
01:44 Before getting into Google login, you should understand two specifications: OAuth 2 and OpenID Connect, or OIDC. OAuth 2 allows a user to give permission to an app to act on their behalf. In the demo app for this course, users of your app will give your app permission to access basic profile information from their Google account.
02:06 The OIDC specification is an extension to OAuth 2. There are three major players in this process. First, there’s your app, also called the client. Then, there’s the provider—and this is Google.
02:19 Finally is the user. The user will try to log into the client. The client will then ask for permission from the user to log them in using a Google account.
02:30 The steps of this process are called a handshake, flow, or dance.
02:36 The first step is to register the client, which is your app, with the provider, which is Google. Your app will receive from Google two values: a client ID and a client secret.
02:47 These are used to validate your app with Google. When a user tries to log into your app, they will be redirected to an authorization URL to provide their Google account credentials. But this authorization URL lives on Google servers, so your app will never see the user credentials. This way users can be assured that they are not exposing their password to third-party apps. After being authenticated, Google will present a consent screen to the user that contains the data your app wants to access.
03:16 If the user consents, Google will provide your app with an authorization code. Your app will exchange that code for a token, and the token will be provided with subsequent requests to access the user’s data.
03:30 There are a number of endpoints that play a role in the flow. OIDC adds a well-known endpoint that provides easy access to the URLs for these endpoints on a specific provider.
03:41 It also adds an endpoint with basic information about the user.
03:45 Next up, you’ll learn how to register the demo app with Google.