Building the Flask App
os module is used to manage environment variables. Since the client secret is a sensitive value you should not store it with the app. This app will use an environment variable instead. And
sqlite3 is again needed to communicate with the database.
WebApplicationClient is the class that implements the OAuth 2 flow.
requests will handle HTTP traffic independent of Flask. Finally, import the method to create the database and the
Retrieve the client ID and secret from environment variables and store them in constants. And one more constant for the
.well-known/ endpoint to retrieve the OIDC provider configuration. At this point, you should also create a shell script to store the client ID and secret in environment variables. Create
and then execute it. Back to
app.py. Create a Flask app. The parameter to the
Flask() initializer is the name of the application module. For a simple app, the
__name__ dunder value will be fine.
Also, Flask-Login requires a secret key for encryption. Either use one stored in an environment variable or generate a new one. An instance of
login_manager will add the session tracking features from Flask-Login.
Attempt to create the database. Catch a
sqlite3.OperationalError in case the database already exists, in which case you should do nothing. Initialize the
client with the client ID. Flask-Login depends upon a function designated as the
user_loader to get a
User instance given a certain
Become a Member to join the conversation.