The Real Python Podcast

OAuth 2 and Authentication Choices for Your Python Project

Listen Later

Have you thought about what authentication system you want to use for your Python project? Should you use an existing Python library or a third-party service? This week on the show, Dan Moore is here to talk about authentication systems and OAuth 2.

Dan is the head of developer relations at FusionAuth. He shares advice about setting up an authentication system, setting up device grants, using social login, and addressing privacy issues. Dan also provides multiple resources to learn much more about the topic.

Course Spotlight: Using Google Login With Flask

In this course, you’ll create a Flask application that lets users sign in using their Google login. You’ll learn about OAuth 2 and OpenID Connect and also find out how to implement some code to handle user session management.

Topics:

  • 00:00:00 – Introduction
  • 00:01:58 – What is FusionAuth?
  • 00:03:13 – What is the single-responsibility principle?
  • 00:04:14 – Thinking about setting up an authentication system
  • 00:08:42 – Background on OAuth
  • 00:13:26 – Device grants
  • 00:19:23 – Using another provider’s login and addressing privacy issues
  • 00:28:39 – Video Course Spotlight
  • 00:29:53 – Resources to learn more about privacy and identity
  • 00:32:39 – Setting up an OAuth system
  • 00:35:59 – DIY authentication pitfalls and hashing passwords
  • 00:42:57 – Staying on top of updates and social engineering
  • 00:51:29 – Resources for learning more about OAuth
  • 00:54:30 – What are you excited about in the world of Python?
  • 00:55:42 – What do you want to learn next?
  • 00:56:49 – Final words and social connections
  • 00:57:47 – Thanks and goodbye

    • Show Links:

    • FusionAuth - Auth. Built for Devs, By Devs
    • RFC 6749 - The OAuth 2.0 Authorization Framework
    • RFC 6750 - The OAuth 2.0 Authorization Framework: Bearer Token Usage
    • Single-responsibility principle - Wikipedia
    • oauthlib · PyPI
    • Final: OpenID Connect Core 1.0
    • International Association of Privacy Professionals
    • IDPro: Identity Professionals
    • Have I Been Pwned: Check if your email has been compromised in a data breach
    • Hash Functions | National Institute of Standards and Technology (NIST) - Computer Security Resource Center (CSRC)
    • Guides Overview - FusionAuth
    • The Modern Guide to OAuth - FusionAuth
    • Solving Identity Management in Modern Applications | SpringerLink
    • OAuth 2 in Action
    • Getting started — Django OAuth Toolkit 1.7.0 documentation
    • Flask-Login — Flask-Login 0.4.1 documentation
    • Adding social sign in to your Django web application using OAuth - FusionAuth
    • Create a Flask Application With Google Login – Real Python
    • Draft IETF - OAuth V2.1.04

      • Level up your Python skills with our expert-led courses:

      • Django View Authorization: Restricting Access
      • Using Google Login With Flask
      • Deploy Your Python Script on the Web With Flask

        • Support the podcast & join our community of Pythonistas

        ...more
        View all episodesView all episodes
        Download on the App Store
        The Real Python PodcastBy Real Python
        • 4.7
        • 4.7
        • 4.7
        • 4.7
        • 4.7

        4.7

        139 ratings

        More shows like The Real Python Podcast

        View all
        The Changelog: Software Development, Open Source by Changelog Media

        The Changelog: Software Development, Open Source

        288 Listeners

        Software Engineering Daily by Software Engineering Daily

        Software Engineering Daily

        625 Listeners

        Talk Python To Me by Michael Kennedy

        Talk Python To Me

        579 Listeners

        Soft Skills Engineering by Jamison Dance and Dave Smith

        Soft Skills Engineering

        289 Listeners

        Super Data Science: ML & AI Podcast with Jon Krohn by Jon Krohn

        Super Data Science: ML & AI Podcast with Jon Krohn

        302 Listeners

        Python Bytes by Michael Kennedy and Brian Okken

        Python Bytes

        213 Listeners

        Syntax - Tasty Web Development Treats by Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers

        Syntax - Tasty Web Development Treats

        988 Listeners

        Darknet Diaries by Jack Rhysider

        Darknet Diaries

        8,088 Listeners

        Tech Brew Ride Home by Morning Brew

        Tech Brew Ride Home

        969 Listeners

        Practical AI by Practical AI LLC

        Practical AI

        200 Listeners

        AWS Podcast by Amazon Web Services

        AWS Podcast

        207 Listeners

        Django Chat by William Vincent and Carlton Gibson

        Django Chat

        75 Listeners

        Last Week in AI by Skynet Today

        Last Week in AI

        310 Listeners

        Machine Learning Street Talk (MLST) by Machine Learning Street Talk (MLST)

        Machine Learning Street Talk (MLST)

        100 Listeners

        The Pragmatic Engineer by Gergely Orosz

        The Pragmatic Engineer

        70 Listeners