0

I'm trying to figure how to properly implement Google+ Sign In (https://developers.google.com/+/web/signin/) in my AngularJS app to secure the REST API that it depends on.

I have 2 components to my application: the AngularJS app and a Python Flask REST API. I want to keep the REST API stateless. I see that there is the "client-side flow" and the "hybrid server-side flow", but I'm not sure which one to use.

I was imagining this flow in my head:
1) User signs in through the AngularJS app and receives a token from Google
2) User passes the token along with every REST API request
3) The API server verifies the token with Google before processing the request and returns an error if the token is invalid

Would I just use the client-side flow then and have my server call some Google API to verify token it receives with every request?

Improve this question

1 Answer 1

Reset to default
3

I think satellizer would be a great solution.

Satellizer is a simple to use, end-to-end, token-based authentication module for AngularJS with built-in support for Google, Facebook, LinkedIn, Twitter authentication providers, plus Email and Password sign-in method. You are not limited to the sign-in options above, in fact you can add any OAuth 1.0 or OAuth 2.0 provider by passing provider-specific information during the configuration step.

Installation

bower install satellizer --save

Usage

"Google+" in your case

angular.module('MyApp', ['satellizer']).config(function($authProvider) {

 $authProvider.google({
   clientId: '631036554609-v5hm2amv4pvico3asfi97f54sc51ji4o.apps.googleusercontent.com'
 });
});

Controller

angular.module('MyApp').controller('LoginCtrl', function($scope, $auth) {
 $scope.authenticate = function(provider) {
   $auth.authenticate(provider);
 };
});

Template

 <button ng-click="authenticate('google')">Sign in with Google</button>

Full Documentation you can find it here https://github.com/sahat/satellizer and for server side "python" in your case you'll be able to see an example here https://github.com/sahat/satellizer/tree/master/examples/server/python

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.