{"id":2508,"library":"flask-openid","title":"Flask-OpenID","description":"Flask-OpenID is a Flask extension that provides OpenID 1.x and 2.x authentication support for web applications. The current version is 1.3.1, released in 2021. It is in maintenance mode, primarily for existing applications, as the OpenID Connect standard has largely superseded OpenID 1/2 for new development.","status":"maintenance","version":"1.3.1","language":"en","source_language":"en","source_url":"https://github.com/mitsuhiko/flask-openid/","tags":["flask","openid","authentication","web","legacy"],"install":[{"cmd":"pip install flask-openid","lang":"bash","label":"Install stable version"}],"dependencies":[{"reason":"Core library for OpenID 1.x/2.x protocol handling.","package":"python-openid"}],"imports":[{"symbol":"OpenID","correct":"from flask_openid import OpenID"}],"quickstart":{"code":"import os\nfrom flask import Flask, render_template, session, request, redirect, url_for\nfrom flask_openid import OpenID\nfrom markupsafe import escape\n\napp = Flask(__name__)\napp.config.update(\n    SECRET_KEY=os.environ.get('FLASK_SECRET_KEY', 'a_very_secret_key_for_dev'), # CHANGE THIS FOR PROD\n    OPENID_FS_STORE=os.path.join(os.path.dirname(__file__), 'tmp', 'openid_store')\n)\noid = OpenID(app)\n\n@app.route('/')\ndef index():\n    # Flask-OpenID keeps no user object; login state is what create_or_login() put in the session\n    if 'openid' in session:\n        # The display name comes from the OpenID provider, so escape it before placing it in HTML\n        return f'Hello, {escape(session[\"name\"])}! <p><a href=\"{url_for(\"logout\")}\">Logout</a></p>'\n    return render_template('login.html', next=oid.get_next_url(), error=oid.fetch_error())\n\n@app.route('/login', methods=['GET', 'POST'])\n@oid.loginhandler\ndef login():\n    # Already logged in: go straight to the requested page\n    if 'openid' in session:\n        return redirect(oid.get_next_url())\n    if request.method == 'POST':\n        openid = request.form.get('openid_identifier')\n        if openid:\n            return oid.try_login(openid, ask_for=['email', 'nickname'],\n                                 ask_for_optional=['fullname'])\n    return render_template('login.html', next=oid.get_next_url(),\n                           error=oid.fetch_error())\n\n@app.route('/logout')\ndef logout():\n    # Clear the login state set in create_or_login()\n    session.pop('openid', None)\n    session.pop('name', None)\n    return redirect(oid.get_next_url())\n\n@oid.after_login\ndef create_or_login(resp):\n    # Called after the provider has verified the identity URL\n    session['openid'] = resp.identity_url\n    session['name'] = resp.fullname or resp.nickname or resp.identity_url\n    return redirect(oid.get_next_url())\n\nif __name__ == '__main__':\n    # Create necessary directories and a minimal login.html for the quickstart to run\n    os.makedirs(app.config['OPENID_FS_STORE'], exist_ok=True)\n    os.makedirs('templates', exist_ok=True)\n    with open('templates/login.html', 'w') as f:\n        f.write('''\n<!doctype html>\n<html>\n<head><title>Login</title></head>\n<body>\n    <h1>Login with OpenID</h1>\n    {% if error %}<p style=\"color: red;\">Error: {{ error }}</p>{% endif %}\n    <form action=\"{{ url_for('login') }}\" method=\"post\">\n        <dl>\n            <dt>OpenID:</dt>\n            <dd><input type=\"text\" name=\"openid_identifier\" value=\"\" placeholder=\"e.g. https://openid.aol.com/yourusername\" /></dd>\n            <dd><input type=\"submit\" value=\"Login\" /></dd>\n        </dl>\n    </form>\n    <p><a href=\"{{ url_for('logout') }}\">Logout</a></p>\n</body>\n</html>\n''')\n    app.run(debug=True)","lang":"python","description":"This quickstart demonstrates a basic Flask application using Flask-OpenID for user authentication. It includes routes for login, logout, and handling OpenID responses, creating a temporary file-based store for OpenID data. Be sure to set the `FLASK_SECRET_KEY` environment variable in production."},"warnings":[{"fix":"Evaluate your authentication requirements. If OIDC is needed, use an alternative library.","message":"Flask-OpenID exclusively supports OpenID 1.x and 2.x standards, NOT the more modern OpenID Connect (OIDC). If you need OIDC support, consider libraries like Flask-OIDC, Authlib, or direct integration with OAuth2/OIDC providers.","severity":"gotcha","affected_versions":"All versions"},{"fix":"Ensure your project runs on Python 3.x. For older Python 2.x projects, you would need to stick to `flask-openid<1.3.0`.","message":"Version 1.3.0 and later of Flask-OpenID are Python 3-only. Support for Python 2.x was dropped.","severity":"breaking","affected_versions":">=1.3.0"},{"fix":"Always use a strong, randomly generated `SECRET_KEY` (e.g., from `os.urandom(24)`) and manage it securely, typically via environment variables, in production environments.","message":"The `SECRET_KEY` configuration is critical for session security. Using a weak or default key like 'a_very_secret_key_for_dev' in production is a severe security risk.","severity":"gotcha","affected_versions":"All versions"},{"fix":"For new applications, investigate modern authentication solutions such as Flask-Login combined with OAuth2/OIDC providers (e.g., Google, GitHub, Okta), or dedicated SSO solutions.","message":"Given the deprecation of OpenID 1.x/2.x in favor of OpenID Connect, Flask-OpenID is largely considered a legacy solution. It is not actively developed for new features or modern security enhancements related to current web authentication standards.","severity":"deprecated","affected_versions":"All versions"}],"env_vars":null,"last_verified":"2026-04-10T00:00:00.000Z","next_check":"2026-07-09T00:00:00.000Z"}