miguelgrinberg
commented
1 year ago I have explained the general approach to use OAuth 2 authentication in a blog post. It's an old post, but the solution I present there still works today, and I continue to use it.
Now this is an API project, so really logging in is a concept that does not apply to this project, since it would be the responsibility of the front end to do that. You could however, make a combined effort between the front end and the back end to follow the OAuth steps as described in my article. After the user authenticates, Google will redirect back to your front end passing an authorization code. At this point you could have your front end pass this code to the API as authentication, instead of the username and password that I'm using here. The logic in the authentication route in the back end will replace the username/password verification with the last part of the OAuth flow, which is to exchange the authorization code for an access token, and then using the access token with the Google API to get information about the logged in user, which is the logic that exists in the callback route in the article.
Hi Miguel -
How would you recommend going about google oauth flow using the flask http auth library?