Simple auth for OAuth 2.0, 1.0 and OpenID
614 views
Skip to first unread message
alex
Feb 12, 2012, 2:55:43 PM2/12/12
to web...@googlegroups.com
https://github.com/scotch/engineauth is awesome.
What I didn't like is a long list of dependencies and the fact that there's already user model in webapp2 framework. Basically, I wanted something simpler, with a smaller code base.
So, after all, I took another approach, without rewriting existing stuff in webapp2:
simple test app is here:
alex.
Roberto Previtera
Feb 14, 2012, 5:28:29 PM2/14/12
to web...@googlegroups.com
Hello Alex, excellent work, thanks for sharing !
I think that the engineauth feature of dealing with multiple auth profiles per user is still missing, though.
Roberto
alex
Feb 14, 2012, 5:43:59 PM2/14/12
to web...@googlegroups.com
Hey, thanks!
this was a weekend project and I didn't have time to add unit tests, but I plan on extensive unit testing next weekend.
Coto
Feb 14, 2012, 11:10:31 PM2/14/12
to web...@googlegroups.com
thanks for sharing Alex. Would you like if I add this to https://github.com/coto/gae-boilerplate
the focus of that boilerplate so far if authentication with an own system of register, but with the OAuth that you made would be way better.
I thik the same of Roberto about the feature of dealing multiple accounts with one user, so you can choose an account to login to the same account (as Stackoverflow do)
@coto
alex
Feb 15, 2012, 2:14:49 AM2/15/12
to web...@googlegroups.com
sure! I'm happy you guys find it useful.
Jakob Holmelund
Feb 22, 2012, 5:36:20 PM2/22/12
to web...@googlegroups.com
Great work alex, personally i like this approach better than the one in engine auth. I've started to implement this into my project, i'll let you know if i find any bugs or optimizations.
Nguyen Truong Hoang
Apr 19, 2012, 12:42:47 AM4/19/12
to web...@googlegroups.com
Rafael Ramos-Garijo
Apr 20, 2012, 8:48:32 AM4/20/12
to web...@googlegroups.com
Thanks alex, i have found your library very useful. Excellent work :)
Niklas Rosencrantz
Apr 23, 2012, 12:05:15 AM4/23/12
to web...@googlegroups.com
I also checked out simpleauth and found I could use it. But I run many
domains for one app engine app, so I must have many facebook apps for
my one app engine app.
Thank you
domains for one app engine app, so I must have many facebook apps for
my one app engine app.
Thank you
alex
Apr 23, 2012, 1:52:14 AM4/23/12
to web...@googlegroups.com
Thank you all for checking it out. I'm happy to hear that!
I'll add a few more tests, improve code, docs and the example.
I'll keep you guys posted.
-- alex
alex
Sep 14, 2012, 3:37:07 AM9/14/12
to web...@googlegroups.com
There's a interesting discussion about CSRF protection for OAuth 2.0 using the state parameter (with or w/o HMAC digest), if you're interested:
alex
Sep 19, 2012, 4:12:53 AM9/19/12
to web...@googlegroups.com
Hey guys, I thought I'd let you know about the new release.
Changelog:
v0.1.3 - 2012-09-19
* CSRF protection for OAuth 2.0
http://code.google.com/p/gae-simpleauth/issues/detail?id=1
* Custom exceptions
http://code.google.com/p/gae-simpleauth/issues/detail?id=2
* Example app improvements, including:
- CSRF guard
- show exception messages for demo purposes
- prettier output of session, profile data and auth_info dictionaries
- https://github.com/crhym3/simpleauth/issues/4
- https://github.com/crhym3/simpleauth/issues/5
* More useful info in READMEReply all
Reply to author
Forward
0 new messages