Development of a JWT-based web application with Flask for teaching purposes
Supports login with
- User name and password
- Google account
- Second-factor authentication with time-based one-time password (TOTP)
Includes:
- simple UI
- authentication web service
- pytest file
- OpenAPI description file
- MySQL init file
- Use the package manager [pip](https://pip.pypa.io/en/stable/) to install requirements.
  ```bash
  pip install -r requirements.txt
  ```
- Start MySQL/MariaDB server and run SQL script initdb.sql
- Copy or rename settings-template.py to settings.py and enter the appropriate connection data for the database (can be taken from initdb.sql).
- Create a key pair for asymmetric encryption:
  Private key:
  ```bash
  openssl genrsa -aes256 -out private_key.pem 2048
  ```
  Generation of the corresponding public key:
  ```bash
  openssl rsa -pubout -in private_key.pem -out public_key.pem
  ```
  Also copy the two keys, together with the password used, into the settings.py file. (Caution: do not drop or add any characters, not even a line break.)
- Register the application as a client with Google as an authentication provider on the Google developers credentials page:
  https://console.developers.google.com/apis/credentials (Google account required.) This will provide you with a Google Client ID and a Google Client Key. Both are also copied to settings.py.
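For the key-copy step above, a structural check of a PEM block after it has been pasted into settings.py. This is an added example, not part of this project's code. It catches lost or added characters and line breaks, but does not prove that the password is correct or that the two keys belong together. The function names are hypothetical and the sample block is constructed from filler bytes, not a real key.

```python
import base64
import re

# BEGIN/END armor with identical labels; one final newline is allowed, nothing else.
PEM_RE = re.compile(r"\A-----BEGIN ([A-Z ]+)-----\n(.*?)\n-----END \1-----\n?\Z", re.S)

def der_length_ok(der: bytes) -> bool:
    """True if der is exactly one ASN.1 SEQUENCE whose length field fits the data."""
    if len(der) < 2 or der[0] != 0x30:
        return False
    if der[1] < 0x80:                                # short-form length
        return len(der) == 2 + der[1]
    n = der[1] & 0x7F                                # long form: n length bytes follow
    if n == 0 or len(der) < 2 + n:
        return False
    return len(der) == 2 + n + int.from_bytes(der[2:2 + n], "big")

def check_pem(text: str):
    """Return (label, problem); problem is None when the block is structurally intact."""
    m = PEM_RE.match(text)
    if not m:
        return None, "BEGIN/END armor lines missing, mismatched or damaged"
    label, body = m.group(1), m.group(2)
    legacy = body.startswith("Proc-Type:")           # older OpenSSL: headers, blank line, data
    if legacy:
        body = body.partition("\n\n")[2]
    if "" in body.split("\n"):
        return label, "empty line or missing data in the base64 body"
    try:
        raw = base64.b64decode(body.replace("\n", ""), validate=True)
    except ValueError:
        return label, "base64 body damaged (bad character or wrong length)"
    if legacy:                                       # AES-CBC ciphertext (-aes256), not DER
        ok = len(raw) % 16 == 0
    else:                                            # PKCS#8 or public key: plain DER
        ok = der_length_ok(raw)
    return label, None if ok else "decoded data truncated or padded (length mismatch)"

def constructed_pem(label: str, raw: bytes, headers: str = "") -> str:
    """Build a sample PEM block from filler bytes (constructed, not a real key)."""
    b64 = base64.b64encode(raw).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return f"-----BEGIN {label}-----\n{headers}" + "\n".join(lines) + f"\n-----END {label}-----\n"

if __name__ == "__main__":
    filler = bytes(i % 251 for i in range(300))
    sample = constructed_pem("PUBLIC KEY", b"\x30\x82\x01\x2c" + filler)
    print(check_pem(sample))                         # intact block
    print(check_pem(sample[:100] + sample[101:]))    # one character lost in the paste
```
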
Start the web service with
```bash
python simpleAuthService.py
```
Open https://127.0.0.1:5000 in the browser.
Start the test program with
```bash
pytest testSimpleAuthService.py
```
and/or
open openapi.yaml in https://editor.swagger.io/ and test the web service with the Swagger editor.
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.
Please make sure to update tests as appropriate.