├── .circleci └── config.yml ├── .github ├── CODEOWNERS ├── ISSUE_TEMPLATE │ ├── Bug Report.yml │ ├── Feature Request.yml │ └── config.yml ├── dependabot.yml ├── stale.yml └── workflows │ └── semgrep.yml ├── .gitignore ├── 01-Login ├── .dockerignore ├── .env.example ├── .gitignore ├── Dockerfile ├── Procfile ├── README.md ├── exec.ps1 ├── exec.sh ├── requirements.txt ├── server.py └── templates │ └── home.html ├── LICENSE └── README.md /.circleci/config.yml: -------------------------------------------------------------------------------- 1 | # Common logic 2 | defaults: &defaults 3 | steps: 4 | - attach_workspace: 5 | at: ~/ 6 | - run: 7 | name: Replace Auth0 test credentials 8 | command: | 9 | mv $AUTH0_CFG.example $AUTH0_CFG 10 | sed -i 's/{CLIENT_ID}/'$AUTH0_TEST_CLIENT_ID'/g' $AUTH0_CFG 11 | sed -i 's/{DOMAIN}/'$AUTH0_TEST_DOMAIN'/g' $AUTH0_CFG 12 | sed -i 's/{CLIENT_SECRET}/'$AUTH0_TEST_CLIENT_SECRET'/g' $AUTH0_CFG 13 | - run: 14 | name: Build pull request 15 | command: | 16 | docker build -t $CIRCLE_JOB ./$SAMPLE_PATH 17 | docker run -d -p 3000:3000 --name $CIRCLE_SHA1 --env-file ./$AUTH0_CFG $CIRCLE_JOB 18 | background: true 19 | - run: 20 | name: Wait for app to be available 21 | command: | 22 | sleep 20 23 | docker run --network host --rm appropriate/curl --retry 8 --retry-connrefused -v localhost:3000 24 | - run: 25 | name: Run tests 26 | command: | 27 | docker create --network host --name tester codeceptjs/codeceptjs codeceptjs run-multiple --all --steps 28 | docker cp $(pwd)/lock_login_test.js tester:/tests/lock_login_test.js 29 | docker cp $(pwd)/codecept.conf.js tester:/tests/codecept.conf.js 30 | docker start -i tester 31 | working_directory: scripts 32 | - run: 33 | name: Copy app container logs 34 | command: | 35 | mkdir -p /tmp/out 36 | docker logs $CIRCLE_SHA1 > /tmp/out/app_logs.log 37 | docker cp tester:/tests/out /tmp/ 38 | when: on_fail 39 | - store_artifacts: 40 | path: /tmp/out 41 | 42 | # Jobs and Workflows 43 | version: 2.1 44 | 
parameters: 45 | machine_image: 46 | type: string 47 | default: ubuntu-2004:202201-02 48 | jobs: 49 | checkout: 50 | machine: 51 | image: << pipeline.parameters.machine_image >> 52 | steps: 53 | - checkout 54 | - run: git clone https://github.com/auth0-samples/spa-quickstarts-tests scripts 55 | - persist_to_workspace: 56 | root: ~/ 57 | paths: 58 | - project 59 | - scripts 60 | login: 61 | machine: 62 | image: << pipeline.parameters.machine_image >> 63 | environment: 64 | - AUTH0_CFG: 01-Login/.env 65 | - SAMPLE_PATH: 01-Login 66 | <<: *defaults 67 | 68 | workflows: 69 | version: 2 70 | quickstarts_login: 71 | jobs: 72 | - checkout: 73 | context: Quickstart Web App Test 74 | - login: 75 | context: Quickstart Web App Test 76 | requires: 77 | - checkout 78 | -------------------------------------------------------------------------------- /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @auth0-samples/dx-sdks-engineer 2 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/Bug Report.yml: -------------------------------------------------------------------------------- 1 | name: 🐞 Report a bug 2 | description: Have you found a bug or issue? Create a bug report for this sample 3 | 4 | body: 5 | - type: markdown 6 | attributes: 7 | value: | 8 | **Please do not report security vulnerabilities here**. The [Responsible Disclosure Program](https://auth0.com/responsible-disclosure-policy) details the procedure for disclosing security issues. 9 | 10 | - type: checkboxes 11 | id: checklist 12 | attributes: 13 | label: Checklist 14 | options: 15 | - label: I have looked into the [Readme](https://github.com/auth0-samples/auth0-python-web-app/tree/master/01-Login#readme) and have not found a suitable solution or answer. 
16 | required: true 17 | - label: I have searched the [issues](https://github.com/auth0-samples/auth0-python-web-app/issues) and have not found a suitable solution or answer. 18 | required: true 19 | - label: I have searched the [Auth0 Community](https://community.auth0.com) forums and have not found a suitable solution or answer. 20 | required: true 21 | - label: I agree to the terms within the [Auth0 Code of Conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md). 22 | required: true 23 | 24 | - type: textarea 25 | id: description 26 | attributes: 27 | label: Description 28 | description: Provide a clear and concise description of the issue, including what you expected to happen. 29 | validations: 30 | required: true 31 | 32 | - type: textarea 33 | id: reproduction 34 | attributes: 35 | label: Reproduction 36 | description: Detail the steps taken to reproduce this error, and whether this issue can be reproduced consistently or if it is intermittent. 37 | placeholder: | 38 | 1. Step 1... 39 | 2. Step 2... 40 | 3. ... 41 | validations: 42 | required: true 43 | 44 | - type: textarea 45 | id: additional-context 46 | attributes: 47 | label: Additional context 48 | description: Any other relevant information you think would be useful. 49 | validations: 50 | required: false 51 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/Feature Request.yml: -------------------------------------------------------------------------------- 1 | name: 🧩 Feature request 2 | description: Suggest an idea or a feature for this sample 3 | labels: ["feature request"] 4 | 5 | body: 6 | - type: checkboxes 7 | id: checklist 8 | attributes: 9 | label: Checklist 10 | options: 11 | - label: I have looked into the [Readme](https://github.com/auth0-samples/auth0-python-web-app/tree/master/01-Login#readme) and have not found a suitable solution or answer. 
12 | required: true 13 | - label: I have searched the [issues](https://github.com/auth0-samples/auth0-python-web-app/issues) and have not found a suitable solution or answer. 14 | required: true 15 | - label: I have searched the [Auth0 Community](https://community.auth0.com) forums and have not found a suitable solution or answer. 16 | required: true 17 | - label: I agree to the terms within the [Auth0 Code of Conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md). 18 | required: true 19 | 20 | - type: textarea 21 | id: description 22 | attributes: 23 | label: Describe the problem you'd like to have solved 24 | description: A clear and concise description of what the problem is. 25 | validations: 26 | required: true 27 | 28 | - type: textarea 29 | id: ideal-solution 30 | attributes: 31 | label: Describe the ideal solution 32 | description: A clear and concise description of what you want to happen. 33 | validations: 34 | required: true 35 | 36 | - type: textarea 37 | id: alternatives-and-workarounds 38 | attributes: 39 | label: Alternatives and current workarounds 40 | description: A clear and concise description of any alternatives you've considered or any workarounds that are currently in place. 41 | validations: 42 | required: false 43 | 44 | - type: textarea 45 | id: additional-context 46 | attributes: 47 | label: Additional context 48 | description: Add any other context or screenshots about the feature request here. 49 | validations: 50 | required: false 51 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/config.yml: -------------------------------------------------------------------------------- 1 | blank_issues_enabled: false 2 | contact_links: 3 | - name: 🤔 Help & Questions 4 | url: https://community.auth0.com 5 | about: Ask general support or usage questions in the Auth0 Community forums. 
6 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | - package-ecosystem: "pip" 4 | directory: "/01-Login" 5 | schedule: 6 | interval: "daily" 7 | ignore: 8 | - dependency-name: "*" 9 | update-types: ["version-update:semver-major", "version-update:semver-patch"] 10 | -------------------------------------------------------------------------------- /.github/stale.yml: -------------------------------------------------------------------------------- 1 | # Configuration for probot-stale - https://github.com/probot/stale 2 | 3 | # Number of days of inactivity before an Issue or Pull Request becomes stale 4 | daysUntilStale: 90 5 | 6 | # Number of days of inactivity before an Issue or Pull Request with the stale label is closed. 7 | daysUntilClose: 7 8 | 9 | # Issues or Pull Requests with these labels will never be considered stale. Set to `[]` to disable 10 | exemptLabels: [] 11 | 12 | # Set to true to ignore issues with an assignee (defaults to false) 13 | exemptAssignees: true 14 | 15 | # Label to use when marking as stale 16 | staleLabel: closed:stale 17 | 18 | # Comment to post when marking as stale. Set to `false` to disable 19 | markComment: > 20 | This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. If you have not received a response for our team (apologies for the delay) and this is still a blocker, please reply with additional information or just a ping. Thank you for your contribution! 
🙇‍♂️ -------------------------------------------------------------------------------- /.github/workflows/semgrep.yml: -------------------------------------------------------------------------------- 1 | name: Semgrep 2 | 3 | on: 4 | pull_request: {} 5 | 6 | push: 7 | branches: ["master", "main"] 8 | 9 | schedule: 10 | - cron: '30 0 1,15 * *' 11 | 12 | jobs: 13 | semgrep: 14 | name: Scan 15 | runs-on: ubuntu-latest 16 | container: 17 | image: returntocorp/semgrep 18 | # Skip any PR created by dependabot to avoid permission issues 19 | if: (github.actor != 'dependabot[bot]') 20 | steps: 21 | - uses: actions/checkout@v3 22 | 23 | - run: semgrep ci 24 | env: 25 | SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }} 26 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | *.iml 3 | .idea 4 | .env 5 | __pycache__ 6 | -------------------------------------------------------------------------------- /01-Login/.dockerignore: -------------------------------------------------------------------------------- 1 | .env 2 | .env.example 3 | .gitignore 4 | .git 5 | README.md -------------------------------------------------------------------------------- /01-Login/.env.example: -------------------------------------------------------------------------------- 1 | AUTH0_CLIENT_ID={CLIENT_ID} 2 | AUTH0_CLIENT_SECRET={CLIENT_SECRET} 3 | AUTH0_DOMAIN={DOMAIN} 4 | APP_SECRET_KEY=ALongRandomlyGeneratedString 5 | -------------------------------------------------------------------------------- /01-Login/.gitignore: -------------------------------------------------------------------------------- 1 | .env 2 | .pyc 3 | *.iml 4 | .directory 5 | .idea -------------------------------------------------------------------------------- /01-Login/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:3 2 | 3 | 
WORKDIR /home/app 4 | 5 | #If we add the requirements and install dependencies first, docker can use cache if requirements don't change 6 | ADD requirements.txt /home/app 7 | RUN pip install --no-cache-dir -r requirements.txt 8 | 9 | ADD . /home/app 10 | CMD python server.py 11 | 12 | EXPOSE 3000 13 | -------------------------------------------------------------------------------- /01-Login/Procfile: -------------------------------------------------------------------------------- 1 | web: python server.py -------------------------------------------------------------------------------- /01-Login/README.md: -------------------------------------------------------------------------------- 1 | # Auth0 Python Web App Sample 2 | 3 | This sample demonstrates how to add authentication to a Python web app using Auth0. 4 | 5 | # Running the App 6 | 7 | To run the sample, make sure you have `python3` and `pip` installed. 8 | 9 | Rename `.env.example` to `.env` and populate it with the client ID, domain, secret, callback URL and audience for your 10 | Auth0 app. If you are not implementing any API you can use `https://YOUR_DOMAIN.auth0.com/userinfo` as the audience. 11 | Also, add the callback URL to the settings section of your Auth0 client. Replace the placeholder `APP_SECRET_KEY` value as well: `server.py` uses it as the Flask secret key that signs the session cookie, so it should be a long random string that is kept private. 12 | 13 | Register `http://localhost:3000/callback` as `Allowed Callback URLs` and `http://localhost:3000` 14 | as `Allowed Logout URLs` in your client settings. 15 | 16 | Run `pip install -r requirements.txt` to install the dependencies and run `python server.py`. 17 | The app will be served at [http://localhost:3000/](http://localhost:3000/). 18 | 19 | # Running the App with Docker 20 | 21 | 22 | 23 | To run the sample with [Docker](https://www.docker.com/), make sure you have `docker` installed. 24 | 25 | Rename the `.env.example` file to `.env`, change the environment variables, and register the URLs as explained [previously](#running-the-app).
26 | 27 | Run `sh exec.sh` to build and run the docker image in Linux or run `.\exec.ps1` to build 28 | and run the docker image on Windows. 29 | 30 | ## What is Auth0? 31 | 32 | Auth0 helps you to: 33 | 34 | * Add authentication with [multiple authentication sources](https://auth0.com/docs/identityproviders), 35 | either social like **Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce, among others**,or 36 | enterprise identity systems like **Windows Azure AD, Google Apps, Active Directory, ADFS or any SAML Identity Provider**. 37 | * Add authentication through more traditional **[username/password databases](https://docs.auth0.com/mysql-connection-tutorial)**. 38 | * Add support for **[linking different user accounts](https://auth0.com/docs/link-accounts)** with the same user. 39 | * Support for generating signed [JSON Web Tokens](https://auth0.com/docs/jwt) to call your APIs and 40 | **flow the user identity** securely. 41 | * Analytics of how, when and where users are logging in. 42 | * Pull data from other sources and add it to the user profile, through [JavaScript rules](https://auth0.com/docs/rules). 43 | 44 | ## Create a free account in Auth0 45 | 46 | 1. Go to [Auth0](https://auth0.com) and click Sign Up. 47 | 2. Use Google, GitHub or Microsoft Account to login. 48 | 49 | ## Issue Reporting 50 | 51 | If you have found a bug or if you have a feature request, please report them at this repository issues section. 52 | Please do not report security vulnerabilities on the public GitHub issue tracker. 53 | The [Responsible Disclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues. 54 | 55 | ## Author 56 | 57 | [Auth0](https://auth0.com) 58 | 59 | ## License 60 | 61 | This project is licensed under the MIT license. See the [LICENSE](../LICENSE) file for more info. 
62 | -------------------------------------------------------------------------------- /01-Login/exec.ps1: -------------------------------------------------------------------------------- 1 | docker build -t auth0-python-web-01-login . 2 | docker run --env-file .env -p 3000:3000 -it auth0-python-web-01-login 3 | -------------------------------------------------------------------------------- /01-Login/exec.sh: -------------------------------------------------------------------------------- 1 | docker build -t auth0-python-web-01-login . 2 | docker run --env-file .env -p 3000:3000 -it auth0-python-web-01-login 3 | -------------------------------------------------------------------------------- /01-Login/requirements.txt: -------------------------------------------------------------------------------- 1 | flask>=2.0.3 2 | python-dotenv>=0.19.2 3 | authlib>=1.0 4 | requests>=2.27.1 5 | -------------------------------------------------------------------------------- /01-Login/server.py: --------------------------------------------------------------------------------
"""Flask sample that signs users in through Auth0 (OpenID Connect via Authlib).

Configuration comes from environment variables, optionally loaded from a
``.env`` file: AUTH0_CLIENT_ID, AUTH0_CLIENT_SECRET, AUTH0_DOMAIN,
APP_SECRET_KEY and (optionally) PORT.
"""

import json
from os import environ as env
from urllib.parse import quote_plus, urlencode

from authlib.integrations.flask_client import OAuth
from dotenv import find_dotenv, load_dotenv
from flask import Flask, redirect, render_template, session, url_for

# Load a .env file when one can be found; otherwise rely on the process
# environment alone.
ENV_FILE = find_dotenv()
if ENV_FILE:
    load_dotenv(ENV_FILE)

app = Flask(__name__)
# Flask signs the session cookie with this key. env.get() yields None when
# APP_SECRET_KEY is unset, and the value shipped in .env.example is only a
# placeholder, so a deployment has to supply its own long random value.
app.secret_key = env.get("APP_SECRET_KEY")


oauth = OAuth(app)

# Endpoints are discovered from the tenant's OpenID Connect metadata document.
# A missing AUTH0_DOMAIN is interpolated as the text "None" here rather than
# raising.
oauth.register(
    "auth0",
    client_id=env.get("AUTH0_CLIENT_ID"),
    client_secret=env.get("AUTH0_CLIENT_SECRET"),
    client_kwargs={
        "scope": "openid profile email",
    },
    server_metadata_url=f'https://{env.get("AUTH0_DOMAIN")}/.well-known/openid-configuration',
)


# Controllers API
@app.route("/")
def home():
    """Render the landing page for a guest or for the signed-in user.

    ``pretty`` is a JSON dump of everything stored under ``session["user"]``,
    so the page shows the complete stored object to the browser. That is
    useful in a demo; an application would normally pass only the profile
    fields it displays.
    """
    user = session.get("user")
    return render_template(
        "home.html",
        session=user,
        pretty=json.dumps(user, indent=4),
    )


@app.route("/callback", methods=["GET", "POST"])
def callback():
    """Complete the Auth0 redirect and remember the result in the session.

    The whole object returned by ``authorize_access_token()`` is stored; the
    template reads ``userinfo.name`` from it. Flask's default session is a
    signed but unencrypted client-side cookie, so whatever that object holds
    is readable by the browser.
    NOTE(review): it presumably carries the access and ID tokens as well;
    confirm before reusing this pattern outside a sample.
    """
    session["user"] = oauth.auth0.authorize_access_token()
    return redirect("/")


@app.route("/login")
def login():
    """Send the browser to Auth0, asking it to return to ``/callback``."""
    callback_url = url_for("callback", _external=True)
    return oauth.auth0.authorize_redirect(redirect_uri=callback_url)


@app.route("/logout")
def logout():
    """Drop the local session, then end the Auth0 session as well.

    Clearing the Flask session alone would leave the Auth0 session alive, so
    the browser is redirected to the tenant's ``/v2/logout`` endpoint with
    ``returnTo`` pointing back at the home page. The README has that URL
    registered under Allowed Logout URLs.
    """
    session.clear()
    # String concatenation raises TypeError if AUTH0_DOMAIN is unset.
    logout_base = "https://" + env.get("AUTH0_DOMAIN") + "/v2/logout?"
    query = urlencode(
        {
            "returnTo": url_for("home", _external=True),
            "client_id": env.get("AUTH0_CLIENT_ID"),
        },
        quote_via=quote_plus,
    )
    return redirect(logout_base + query)


if __name__ == "__main__":
    # 0.0.0.0 listens on every interface, which the Docker port mapping
    # (-p 3000:3000) needs. app.run() starts Flask's built-in development
    # server; both the Dockerfile CMD and the Procfile start the app this way.
    app.run(host="0.0.0.0", port=env.get("PORT", 3000))
-------------------------------------------------------------------------------- /01-Login/templates/home.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | Auth0 Example 5 | 6 | 7 | {% if session %} 8 |

Welcome {{session.userinfo.name}}!

9 |

Logout

10 |
{{pretty}}
11 | {% else %} 12 |

Welcome Guest

13 |

Login

14 | {% endif %} 15 | 16 | 17 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2022 Auth0 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Auth0 Python Web App 2 | 3 | [![CircleCI](https://circleci.com/gh/auth0-samples/auth0-python-web-app.svg?style=svg)](https://circleci.com/gh/auth0-samples/auth0-python-web-app) 4 | 5 | This repository contains the source code for the [Python Web App Quickstart](https://auth0.com/docs/quickstart/webapp/python). 6 | 7 | ## What is Auth0? 
8 | 9 | Auth0 helps you to easily: 10 | 11 | - implement authentication with multiple identity providers, including social (e.g., Google, Facebook, Microsoft, LinkedIn, GitHub, Twitter, etc), or enterprise (e.g., Windows Azure AD, Google Apps, Active Directory, ADFS, SAML, etc.) 12 | - log in users with username/password databases, passwordless, or multi-factor authentication 13 | - link multiple user accounts together 14 | - generate signed JSON Web Tokens to authorize your API calls and flow the user identity securely 15 | - access demographics and analytics detailing how, when, and where users are logging in 16 | - enrich user profiles from other data sources using customizable JavaScript rules 17 | 18 | [Why Auth0?](https://auth0.com/why-auth0) 19 | 20 | ## Create a free account in Auth0 21 | 22 | 1. Go to [Auth0](https://auth0.com) and click Sign Up. 23 | 2. Use Google, GitHub or Microsoft Account to login. 24 | 25 | ## Issue Reporting 26 | 27 | If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The [Responsible Disclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues. 28 | 29 | ## License 30 | 31 | This project is licensed under the MIT license. See the [LICENSE](LICENSE) file for more info. 32 | --------------------------------------------------------------------------------