WSGI Middleware for OAuth authentication
I have build a very small web application using Flask. Now I would like to add very basic authentication to the site (I don't need authorization). As Flask does not support auth&auth out of the box, I'd like to plug in a WSGI middleware doing this job. The web-app is only used by roughly 10 people, all of them are on Facebook. So I'd like to use Facebook's OAuth interface.
I've quickly looked through the wsgi.org list of WSGI Middleware and noticed two things: The available middleware is either quite complex to use, or it's already very dated.
I have found the following packages:
- wsgiauth -- It's dated. Last update is of 2006 and I cannot find any online docs
- authkit -- Seems very nice, but does not support OAuth
- barrel -- S开发者_如何学运维eems to only support
BASIC
and Form based auth. It's also a bit dated (latest release is 2008) - webmodules -- Only supports
BASIC
auth
Given this list, I'd say that AuthKit is the most interesting. Alas, it does not support OAuth. I will most likely go ahead and give it a shot. But, while I'm doodling around, I'm curious to see if there is anyone around who has a better solution lying around...
Flask has an OpenAuth extension that's written by the Armin Ronacher (Flask's author). It provides Flask with support for Open Auth 1.0.
You should take a look at repoze.who, which is authentication framework for WSGI application with plugins available for:
- HTTP basic/digest
- Auth via HTML forms with storing auth ticket in cookies.
- OpenID
- OAuth
- LDAP
- Many more I don't know...
If you're looking to authorize clients against facebook, why not use the python sdk they provide that includes an oauth interface found here https://github.com/facebook/python-sdk.
精彩评论