
Flask app throwing 'Too Many Redirects' scenarios when implementing OAuth2 with Authlib

Views: 298 | Answers: 1 | Created: 2025-08-28
Flask OAuth2 Authlib Python

I'm prototyping a solution and, after trying multiple solutions online, I still can't figure this out... I'm working with a 'Too Many Redirects' behavior when trying to implement OAuth2 authentication in my Flask application using the Authlib library. My goal is to allow users to log in with their Google accounts. I've followed several tutorials, but something seems off with the redirect URIs. Here's the relevant portion of my code:

```python
from flask import Flask, redirect, url_for, session
from authlib.integrations.flask_client import OAuth

app = Flask(__name__)
app.secret_key = 'random_secret_key'

oauth = OAuth(app)
google = oauth.register(
    'google',
    client_id='YOUR_CLIENT_ID',
    client_secret='YOUR_CLIENT_SECRET',
    access_token_url='https://accounts.google.com/o/oauth2/token',
    access_token_params=None,
    authorize_url='https://accounts.google.com/o/oauth2/auth',
    authorize_params=None,
    api_base_url='https://www.googleapis.com/oauth2/v1/',
    client_kwargs={'scope': 'openid email profile'},
)


@app.route('/login')
def login():
    # Callback URL sent to Google; must match the URI registered in the console
    redirect_uri = url_for('auth', _external=True)
    return google.authorize_redirect(redirect_uri)


@app.route('/auth')
def auth():
    # Exchange the authorization code for tokens, then read the ID token claims
    token = google.authorize_access_token()
    user = google.parse_id_token(token)
    session['user'] = user['email']
    return redirect('/dashboard')


@app.route('/dashboard')
def dashboard():
    return f"Welcome {session['user']}!"
```

In my Google Cloud console, I have set up the OAuth2 consent screen and registered the redirect URI as `http://localhost:5000/auth`. Despite this, whenever I attempt to log in, I get a behavior in the console indicating that I'm being redirected multiple times between the `/login` and `/auth` endpoints, leading to the 'Too Many Redirects' behavior. I've ensured that my Flask app is running in debug mode to see the logs, and I noticed that after the redirect from Google, the state and code parameters appear to be correctly passed to my `/auth` route, yet I'm still exploring in a loop.

I also tried clearing my browser's cache and cookies, but that didn't resolve the scenario. What am I missing here? My development environment is Linux. What's the best practice here? I'm on Ubuntu 22.04 using the latest version of Python. I'd be grateful for any help. The project is a CLI tool built with Python. For reference, this is a production desktop app.
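
An added example, not part of the original post: a standard-library check over a browser redirect trace that reports which application paths repeat and which hops left the origin of the registered redirect URI `http://localhost:5000/auth`. Cookies are host-scoped, so a Flask session cookie (where Authlib keeps the OAuth state) set on `127.0.0.1` is not sent to `localhost`. The trace and the function names are constructed for illustration.

```python
from collections import Counter
from urllib.parse import urlsplit

REGISTERED_REDIRECT_URI = "http://localhost:5000/auth"  # value from the post
IDP_HOST = "accounts.google.com"  # host of the post's authorize_url

# Constructed browser trace (requested URLs, in order); not real logs.
SAMPLE_TRACE = [
    "http://127.0.0.1:5000/login",
    "https://accounts.google.com/o/oauth2/auth?state=s1",
    "http://localhost:5000/auth?state=s1&code=c1",
    "http://127.0.0.1:5000/login",
    "https://accounts.google.com/o/oauth2/auth?state=s2",
    "http://localhost:5000/auth?state=s2&code=c2",
]


def origin(url):
    """Return (scheme, host, port), filling in the scheme's default port."""
    parts = urlsplit(url)
    port = parts.port or {"http": 80, "https": 443}.get(parts.scheme)
    return (parts.scheme, parts.hostname, port)


def app_hops(trace):
    """Hops served by the application (everything except the identity provider)."""
    return [u for u in trace if urlsplit(u).hostname != IDP_HOST]


def repeated_paths(trace):
    """Application paths requested more than once, with their counts."""
    counts = Counter(urlsplit(u).path for u in app_hops(trace))
    return {path: n for path, n in counts.items() if n > 1}


def off_origin_hops(trace, registered=REGISTERED_REDIRECT_URI):
    """Application hops whose origin differs from the registered redirect URI.

    A session cookie set while the browser was on one of these origins
    is not sent with the callback request.
    """
    expected = origin(registered)
    return [u for u in app_hops(trace) if origin(u) != expected]


if __name__ == "__main__":
    print("repeated paths:", repeated_paths(SAMPLE_TRACE))
    print("off-origin hops:", off_origin_hops(SAMPLE_TRACE))
```

To use it on a real session, replace `SAMPLE_TRACE` with the request URLs copied from the browser's network tab with "preserve log" enabled.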