| 1 | GOOGLE_CLIENT_ID=你的 Google Client ID |
| 2 | GOOGLE_CLIENT_SECRET=你的 Google Client Secret |
| 3 |
flask_google_oauth_example.py
· 1.4 KiB · Python
Surowy
from flask import Flask, redirect, url_for, session
from authlib.integrations.flask_client import OAuth
import os
from dotenv import load_dotenv
load_dotenv()
app = Flask(__name__)
app.secret_key = "your_secret_key" # 必須設置 Secret Key
oauth = OAuth(app)
# 註冊 Google OAuth2 提供者,使用 discovery endpoint 自動獲取 metadata
google = oauth.register(
name='google',
client_id=os.getenv("GOOGLE_CLIENT_ID"),
client_secret=os.getenv("GOOGLE_CLIENT_SECRET"),
server_metadata_url='https://accounts.google.com/.well-known/openid-configuration',
client_kwargs={
'scope': 'openid profile email',
}
)
@app.route('/')
def homepage():
return '歡迎!<a href="/login">使用 Google 登入</a>'
@app.route('/login')
def login():
# 生成一個隨機 nonce,作為一次性驗證令牌
nonce = os.urandom(16).hex()
session['nonce'] = nonce
# 將 nonce 傳遞給 authorize_redirect
return google.authorize_redirect(url_for('auth', _external=True), nonce=nonce)
@app.route('/auth')
def auth():
token = google.authorize_access_token()
# 從 session 中取得先前生成的 nonce
nonce = session.get('nonce')
# 將 nonce 傳入以驗證 ID Token
user_info = google.parse_id_token(token, nonce=nonce)
return f"歡迎, {user_info['name']}!"
if __name__ == '__main__':
app.run(debug=True)
| 1 | from flask import Flask, redirect, url_for, session |
| 2 | from authlib.integrations.flask_client import OAuth |
| 3 | import os |
| 4 | from dotenv import load_dotenv |
| 5 | |
| 6 | load_dotenv() |
| 7 | app = Flask(__name__) |
| 8 | app.secret_key = "your_secret_key" # 必須設置 Secret Key |
| 9 | |
| 10 | oauth = OAuth(app) |
| 11 | |
| 12 | # 註冊 Google OAuth2 提供者,使用 discovery endpoint 自動獲取 metadata |
| 13 | google = oauth.register( |
| 14 | name='google', |
| 15 | client_id=os.getenv("GOOGLE_CLIENT_ID"), |
| 16 | client_secret=os.getenv("GOOGLE_CLIENT_SECRET"), |
| 17 | server_metadata_url='https://accounts.google.com/.well-known/openid-configuration', |
| 18 | client_kwargs={ |
| 19 | 'scope': 'openid profile email', |
| 20 | } |
| 21 | ) |
| 22 | |
| 23 | @app.route('/') |
| 24 | def homepage(): |
| 25 | return '歡迎!<a href="/login">使用 Google 登入</a>' |
| 26 | |
| 27 | @app.route('/login') |
| 28 | def login(): |
| 29 | # 生成一個隨機 nonce,作為一次性驗證令牌 |
| 30 | nonce = os.urandom(16).hex() |
| 31 | session['nonce'] = nonce |
| 32 | # 將 nonce 傳遞給 authorize_redirect |
| 33 | return google.authorize_redirect(url_for('auth', _external=True), nonce=nonce) |
| 34 | |
| 35 | @app.route('/auth') |
| 36 | def auth(): |
| 37 | token = google.authorize_access_token() |
| 38 | # 從 session 中取得先前生成的 nonce |
| 39 | nonce = session.get('nonce') |
| 40 | # 將 nonce 傳入以驗證 ID Token |
| 41 | user_info = google.parse_id_token(token, nonce=nonce) |
| 42 | return f"歡迎, {user_info['name']}!" |
| 43 | |
| 44 | if __name__ == '__main__': |
| 45 | app.run(debug=True) |
| 46 |