About the content
As a Python programmer, leveraging Flask allows you to quickly and easily build your own web applications. But before you share your apps on the Internet you should protect your users' data, ensuring information stored on your site is safe from unwanted manipulation. You could implement web security and permissions on your own, but relying on trusted providers is a faster, safer, and easier way to allow users to login to your application - without having to create and maintain another account, profile, and password. In this course, you will learn to implement the OAuth 2.0 framework to allow users to securely login to your web applications. You'll be provided a restaurant menu application created in Flask. By the end of this course, you will write the necessary code to implement Google+ Sign-In and Facebook Login in options so users can create restaurant menus that are viewable by everyone but only modifiable by the original creator.
Lesson 1 - Authentication vs. AuthorizationLearn the difference between the concepts of authentication and authorization and address some major security concerns that developers must protect against when developing a web application. You will learn how OAuth 2.0 makes implementing security easier for developers and users alike by allowing your users to sign in to your applications while keeping all of the security on well-known and trusted OAuth providers. Finally, you will see OAuth 2.0 in action as you make API requests using Google's OAuth 2.0 Playground.
Lesson 2 - Creating a Google+ Sign-InLearn about the different types of security flows your application can implement. You will see how security can be handled by your server, your user's browser, or both depending on the type of security your application needs. You will then add a Google+ Sign-In to an existing web application and implement a hybridized client/server flow.
Lesson 3 - Local Permission SystemsAdd python code to create server-side rules that will constitute a permission system. This system will limit access of the database for each logged in user based on how the developer designs this code. You will add a User model model to your database to store the credentials, such as username, email, and profile picture, collected from the OAuth provider's API.
Lesson 4 - Adding Facebook & Other ProvidersLearn to implement multiple OAuth providers on your web application. You will add Facebook Login as an alternative sign in option for your users and understand how to use OAuth provider documentation to add as many providers as you see fit for your application.
- Lorenzo Brown - Lorenzo has had a passion for education since his first experience teaching computer science at a summer camp during college. He has lived in Boston, Boise, Bethlehem, Jerusalem and Mexico City before making California home. Lorenzo enjoys traveling, cooking, and taking on do-it-yourself projects. He holds a degree in Mathematics with Computer Science from the Massachusetts Institute of Technology with a concentration in Middle Eastern Studies.
Udacity is a for-profit educational organization founded by Sebastian Thrun, David Stavens, and Mike Sokolsky offering massive open online courses (MOOCs). According to Thrun, the origin of the name Udacity comes from the company's desire to be "audacious for you, the student". While it originally focused on offering university-style courses, it now focuses more on vocational courses for professionals.