Login to Flask App with Twitter

In this tutorial you will learn how to use Twitter for login authentication in a Flask app. Instead of using a custom user login system, you could useTwitter to authenticate with your website. Your visitors may already have an account on Twitter, so why not use it to login?

To do so, we use a protocol called OAuth. From wikipedia:

OAuth is a protocol that utilizes tokens in order to access resources on behalf of a resource owner. Think giving a user the ability to give out a valet key to certain portions of your site. Many sites, such as Google, Facebook, and Twitter use OAuth for authenticating third party clients in order to access certain user resources.

Don’t worry if that sounds vague, we’ll take you through the steps.

Twitter login, Flask

Get the twitter consumer_key and consumer_secret

Go to https://apps.twitter.com/ and create a new app.

Specify your app details:

You will then see this screen:

Press Keys and Access Tokens. Finally you will see your consumer_key and consumer_secret which you will need for your app.

The code
Create the file app.py and set your consumer_key and consumer_secret that you got from twitter.

from flask import Flask, request, redirect, url_for, session, g, flash, \
     render_template
from flask_oauth import OAuth
 
from sqlalchemy import create_engine, Column, Integer, String
from sqlalchemy.orm import scoped_session, sessionmaker
from sqlalchemy.ext.declarative import declarative_base
 
# configuration
SECRET_KEY = 'development key'
DEBUG = True
 
# setup flask
app = Flask(__name__)
app.debug = DEBUG
app.secret_key = SECRET_KEY
oauth = OAuth()
 
# Use Twitter as example remote application
twitter = oauth.remote_app('twitter',
    # unless absolute urls are used to make requests, this will be added
    # before all URLs.  This is also true for request_token_url and others.
    base_url='https://api.twitter.com/1/',
    # where flask should look for new request tokens
    request_token_url='https://api.twitter.com/oauth/request_token',
    # where flask should exchange the token with the remote application
    access_token_url='https://api.twitter.com/oauth/access_token',
    # twitter knows two authorizatiom URLs.  /authorize and /authenticate.
    # they mostly work the same, but for sign on /authenticate is
    # expected because this will give the user a slightly different
    # user interface on the twitter side.
    authorize_url='https://api.twitter.com/oauth/authenticate',
    # the consumer keys from the twitter application registry.
    consumer_key='ADD TWITTER CONSUMER KEY',
    consumer_secret='ADD TWITTER CONSUMER SECRET'
)
 
 
@twitter.tokengetter
def get_twitter_token(token=None):
    return session.get('twitter_token')
 
@app.route('/')
def index():
    access_token = session.get('access_token')
    if access_token is None:
        return redirect(url_for('login'))
 
    access_token = access_token[0]
 
    return render_template('index.html')
 
@app.route('/login')
def login():
    return twitter.authorize(callback=url_for('oauth_authorized',
        next=request.args.get('next') or request.referrer or None))
 
 
@app.route('/logout')
def logout():
    session.pop('screen_name', None)
    flash('You were signed out')
    return redirect(request.referrer or url_for('index'))
 
 
@app.route('/oauth-authorized')
@twitter.authorized_handler
def oauth_authorized(resp):
    next_url = request.args.get('next') or url_for('index')
    if resp is None:
        flash(u'You denied the request to sign in.')
        return redirect(next_url)
 
    access_token = resp['oauth_token']
    session['access_token'] = access_token
    session['screen_name'] = resp['screen_name']
 
    session['twitter_token'] = (
        resp['oauth_token'],
        resp['oauth_token_secret']
    )
 
 
    return redirect(url_for('index'))
 
 
if __name__ == '__main__':
    app.run()

Create the directory /templates/ with the file index.html

{% block body %}
  <h2>Flask Login App</h2>
    {% if session['screen_name'] %}
      Hello {{ session['screen_name'] }}!  
  {% else %}
    <p>
      Sign in with twitter.
    <p>
      <a href="{{ url_for('login') }}"><img src="{{
        url_for('static', filename='sign-in.png') }}" alt="sign in"></a>
  {% endif %}
{% endblock %}

Finally create the directory /static/ with the image sign-in.png:

Start your app with:

python app.py

Open the app in your web-browser. Then your users can simply follow the steps to login:

4 thoughts on “Login to Flask App with Twitter”

Chipping Barnet for Europe #FBPE #WATON - January 30, 2018

I tried to run a copy-and-paste version of this, using my own keys,
and I get the following error:

Traceback (most recent call last):
  File "C:\Users\..\Python\Python36-32\lib\site-packages\flask\app.py", line 1994, in __call__
    return self.wsgi_app(environ, start_response)
  ...
packages\flask_oauth.py", line 299, in generate_request_token
    type='token_generation_failed')
flask_oauth.OAuthException: e)

Log in to Reply
Frank - March 11, 2018

Make sure you have the right keys. It may be Twitter switched to OAuth2, see the flask_oauthlib

Log in to Reply
Vishnubala V - January 30, 2018
Am getting errors:
flask_oauth.OAuthException OAuthException: Failed to generate request token
1. Log in to Reply
  Frank - February 18, 2018
  
  did you generate the access tokens?

Twitter login, Flask

4 thoughts on “Login to Flask App with Twitter”

Leave a Reply Cancel reply