Build a Simple CRUD App with Flask and Python

Build a Simple CRUD App with Flask and Python

This post walks you through building a simple Flask web app with user registration, login, databases, etc.

Rwothoromo Elijah

Hello,

Awesome article! However, I am not able to access the login/register page after following the steps!

I have a https://github.com/Rwothoromo/Flask-Okta with what I’ve tried out as well.

Was any work-around discovered? I used the redirect_uris below and the callback via the okta developer console:

“redirect_uris”: [
http://localhost:5000”,
http://localhost:5000/oidc/callback
]

https://uploads.disquscdn.c…

Matt Raible

You should be able to look at your browser’s address bar and see what redirect URI is being sent. Then make sure your app has that URI as a login redirect URI.

Rwothoromo Elijah

Thank you Matt, that worked :sunny:

Kenneth Schoultz

Great tutorial!
I only seem to have problems logging out from the blog. I can’t log out from one userid and log in as a different userid. When clicking on Log in / Register I’m immediately get entered as the previous user without having to log in. And, when logging out I’m not sent to the Logout redirect URI as per what I have specified in the General Settings. Might there have been an update in your solution since this article was updated, and something needs to be changed in the above code?
PS
render_template probably has to be added to the init.py file, i.e. “from flask import Flask, g, render_template”

Randall Degges

Ah, this is because there is no token revocation happening here (so the session is maintained on the Okta side). What you need to do is issue a revocation request like so: https://developer.okta.com/…

Kenneth Schoultz

Would that be adding something like this to the auth.py file:
r=requests.post(‘https://http --form POST https://${yourOktaDomain}/oauth2/default/v1/revoke <br> accept:application/json <br> authorization:‘Basic ZmEz…’ <br> cache-control:no-cache <br> content-type:application/x-www-form-urlencoded <br> token=eyJhbG… <br> token_type_hint=access_token’)

Randall Degges

Yep! I believe that is correct at first glance.