Getting the Strava token

Strava provides a typical three-legged OAuth2 implementation, and stravalib (https://github.com/hozn/stravalib), all the tools to use it.

Implementing the dance is done by redirecting the user to Strava and exposing an endpoint the user is redirected to once granted access to Strava.

What we get in return is the user info from its Strava account along with the token access. We can store all this info in the Flask session, use it as our login mechanism, and pass the e-mail and token values to DataService so that the Celery strava worker can also use the token.

Like we did in Chapter 4, Designing Runnerly, let's implement the function that generates the URL to send the user to, as follows:

    from stravalib.client import Client 
    def get_strava_url(): 
        client = Client() 
        cid = app.config['STRAVA_CLIENT_ID'] 
        redirect = app.config['STRAVA_REDIRECT'] 
        url = client.authorization_url(client_id=cid, redirect_uri=redirect) 
        return url

That function takes ;client_id from the Runnerly application (generated in the Strava API settings panel) and the redirect URL defined for the dashboard, and returns a URL we can present to the user.

The dashboard view can be changed accordingly to pass that URL to the template.

    from flask import session 
 
    @app.route('/') 
    def index(): 
        strava_url = get_strava_url() 
        user = session.get('user') 
        return render_template('index.html', strava_url=strava_url, 
                                user=user)

We also pass a user variable if there's any stored into the session. The template can then use the Strava URL to display a login/logout link as follows:

      {% if not user %} 
      <a href="{{strava_url}}">Login via Strava</a> 
      {% else %} 
      Hi {{user}}! 
      <a href="/logout">Logout</a> 
      {% endif %}

When the user clicks on the login link, she is redirected to Strava and back to our application on the endpoint defined by STRAVA_REDIRECT.

The implementation of that view can be like this

    @app.route('/strava_redirect') 
    def strava_login(): 
        code = request.args.get('code') 
        client = Client() 
        cid = app.config['STRAVA_CLIENT_ID'] 
        csecret = app.config['STRAVA_CLIENT_SECRET'] 
        access_token = client.exchange_code_for_token(client_id=cid, 
client_secret=csecret, code=code) 
        athlete = client.get_athlete() 
        email = athlete.email 
        session['user'] = email 
        session['token'] = access_token 
        send_user_to_dataservice(email, access_token) 
        return redirect('/')

The stravalib library's Client class converts the code with a token we can store in the session, and lets us grab some info on the user using the ;get_athlete() method.

Lastly, the send_user_to_dataservice(email, access_token) can interact with the DataService microservice to make sure the e-mail and access tokens are stored there, using a JWT-based access.

We are not detailing how Dashboard interacts with the TokenDealer, since we have already shown it in Chapter 7, Securing Your Services. The process is similar--the Dashboard app gets a token from TokenDealer, and uses it to access DataService.

The last part of authentication is in the ReactJS code, as we will see in the next section.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset