implement users

[frnsys]

using flask-security

necessary for implementing oauth (see #22)

[frnsys]

actually – it makes more sense to plug into an existing platform; i.e. use twitter to authenticate/user accounts. look at flask-social, which is built on flask-security.

[frnsys]

there still needs to be a user model, to keep track of settings and user-specific data. to keep flexibility for other accounts, need to also keep track of which service the token belongs to.

so, need to save:

• account type (e.g. twitter, facebook, google, email)
• email (if possible to pull from these account providers)
• token

[ferristseng]

i'm having problems with flask-social which depends on python-oauth2. unfortunately, python-oauth2 doesn't work with python 3.3 it seems.

joestump/python-oauth2#147

Downloading/unpacking oauth2 (from Flask-OAuth>=0.12->Flask-Social==1.6.2->-r requirements.txt (line 6))
  Downloading oauth2-1.5.211.tar.gz
  Running setup.py egg_info for package oauth2
    Traceback (most recent call last):
      File "<string>", line 16, in <module>
      File "/Users/ferristseng/.virtualenvs/cpython333/build/oauth2/setup.py", line 18
        print "unable to find version in %s" % (VERSIONFILE,)
                                           ^
    SyntaxError: invalid syntax
    Complete output from command python setup.py egg_info:
    Traceback (most recent call last):

  File "<string>", line 16, in <module>

  File "/Users/ferristseng/.virtualenvs/cpython333/build/oauth2/setup.py", line 18

    print "unable to find version in %s" % (VERSIONFILE,)

                                       ^

SyntaxError: invalid syntax

----------------------------------------
Cleaning up...
Command python setup.py egg_info failed with error code 1 in /Users/ferristseng/.virtualenvs/cpython333/build/oauth2
Storing complete log in /Users/ferristseng/.pip/pip.log

[frnsys]

hm we may have to roll our own with https://github.com/lepture/flask-oauthlib

[frnsys]

foundational work here:
#27

[frnsys]

I started adding in the oauth flows for authentication via google, twitter, and facebook. Haven't yet had a chance to test them:
7749179

[frnsys]

closed via 61c8f4d

[frnsys]

@ferristseng when you get a chance can you take a look and let me know what you think? mainly at the encryption of oauth token secrets/where those config values are stored. do you think they should be in base_security because they are related to security, although they aren't explicitly related to the flask-security package?

[ferristseng]

it's probably better the way you have it. the only advantage to putting it in base_security, would be if you needed in the global context for the Flask app.