Using Flask-Social with Oauth Provider(s) Only, No Local Registration/Login Forms
Is it possible to use Flask-Social and Flask-Security if I only want to use Facebook Login, for example, for user registration and login, i.e. no local registration/login forms?
I looked through the Flask-Social example application and documentation but couldn't tell if this is possible. In the example application, users cannot login with Facebook unless they've previously registered. After registering with the example application, they can associate their Facebook account with their local account.
When I tried to call social.facebook.get_connection() I got an AttributeError 'AnonymousUser' object has no attribute 'id' because there's no current_user, which is defined by flask-security after registration/login.
This is doable without too much extra work using the @login_failed.connect_via decorator. With app as your instance of a Flask app, it would look like
@login_failed.connect_via(app): def on_login_failed(sender, provider, oauth_response): connection_values = get_connection_values_from_oauth_response(provider, oauth_response) ds = current_app.security.datastore user = ds.create_user( ... ) #fill in relevant stuff here ds.commit() connection_values['user_id'] = user.id connect_handler(connection_values, provider) login_user(user) db.commit() return render_template('success.html')
As for filling in the relevant stuff for creating the user, I just create a random string for the password, and haven't had issues leaving the email null. I also just included the exact same answer on the Flask-Social github page.