如果立即使用访问令牌,是否需要实施 fetch_token?
Necessary to implement fetch_token if using access token immediately?
何时使用Authlib with a service like GitHub, is it necessary to implement fetch_token
if we only want to use the token once in order to retrieve a user's profile (from https://api.github.com/user)?我看到 "If OAuth login is what you want ONLY, you don’t need fetch_token
at all," 虽然从技术上讲我们想要的更多,因为我们在调用 github.authorize_access_token
:
之后调用 github.get
import os
from authlib.flask.client import OAuth
from authlib.client.apps import github
from flask import Flask, redirect, session, url_for
app = Flask(__name__)
oauth = OAuth(app)
app.config["GITHUB_CLIENT_ID"] = os.getenv("GITHUB_CLIENT_ID")
app.config["GITHUB_CLIENT_SECRET"] = os.getenv("GITHUB_CLIENT_SECRET")
app.config["GITHUB_CLIENT_KWARGS"] = {"scope": "user:email"}
github.register_to(oauth)
...
@app.route("/login")
def login():
redirect_uri = url_for("authorize", _external=True)
return github.authorize_redirect(redirect_uri)
@app.route("/authorize")
def authorize():
token = github.authorize_access_token()
user = github.get("user").json()
session["login"] = user["login"]
return redirect(url_for("index"))
似乎 github.get("user")
成功(调用 github.profile
也是如此),即使没有将 token
存储在 session
或数据库中,并且通过调用 fetch_token
函数返回它?
不,你不需要 fetch_token
。
github.authorize_access_token()
print(github.session.token)
何时使用Authlib with a service like GitHub, is it necessary to implement fetch_token
if we only want to use the token once in order to retrieve a user's profile (from https://api.github.com/user)?我看到 "If OAuth login is what you want ONLY, you don’t need fetch_token
at all," 虽然从技术上讲我们想要的更多,因为我们在调用 github.authorize_access_token
:
github.get
import os
from authlib.flask.client import OAuth
from authlib.client.apps import github
from flask import Flask, redirect, session, url_for
app = Flask(__name__)
oauth = OAuth(app)
app.config["GITHUB_CLIENT_ID"] = os.getenv("GITHUB_CLIENT_ID")
app.config["GITHUB_CLIENT_SECRET"] = os.getenv("GITHUB_CLIENT_SECRET")
app.config["GITHUB_CLIENT_KWARGS"] = {"scope": "user:email"}
github.register_to(oauth)
...
@app.route("/login")
def login():
redirect_uri = url_for("authorize", _external=True)
return github.authorize_redirect(redirect_uri)
@app.route("/authorize")
def authorize():
token = github.authorize_access_token()
user = github.get("user").json()
session["login"] = user["login"]
return redirect(url_for("index"))
似乎 github.get("user")
成功(调用 github.profile
也是如此),即使没有将 token
存储在 session
或数据库中,并且通过调用 fetch_token
函数返回它?
不,你不需要 fetch_token
。
github.authorize_access_token()
print(github.session.token)