A little test/example of manipulating with discord oauth2 api

run.py

@@ -2,4 +2,6 @@
 from titanembeds.app import app
 
 if __name__ == "__main__":
+    import os
+    os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1' # Testing oauthlib
     app.run(host="0.0.0.0",port=3000,debug=True)

titanembeds/app.py

@@ -2,6 +2,7 @@ from config import config
 from database import db
 from flask import Flask, render_template, request, session, url_for, redirect
 import blueprints.api
+import blueprints.user
 import os
 
 
@@ -14,6 +15,7 @@ app.secret_key = config['app-secret']
 db.init_app(app)
 
 app.register_blueprint(blueprints.api.api, url_prefix="/api", template_folder="/templates")
+app.register_blueprint(blueprints.user.user, url_prefix="/user", template_folder="/templates")
 
 @app.route("/set_username/<guildid>/<channelid>", methods=["GET"])
 def get_set_username(guildid, channelid):

titanembeds/blueprints/user/__init__.py

@@ -0,0 +1 @@
+from user import user

titanembeds/blueprints/user/user.py

@@ -0,0 +1,67 @@
+from flask import Blueprint, request, redirect, jsonify, abort, session
+from requests_oauthlib import OAuth2Session
+from config import config
+
+user = Blueprint("user", __name__)
+redirect_url = config['app-base-url'] + "/user/callback"
+authorize_url = "https://discordapp.com/api/oauth2/authorize"
+token_url = "https://discordapp.com/api/oauth2/token"
+avatar_base_url = "https://cdn.discordapp.com/avatars/"
+
+def make_session(token=None, state=None, scope=None):
+    return OAuth2Session(
+        client_id=config['client-id'],
+        token=token,
+        state=state,
+        scope=scope,
+        redirect_uri=redirect_url,
+    )
+
+def get_current_user():
+    token = session['discord_token']
+    discord = make_session(token=token)
+    req = discord.get("https://discordapp.com/api/users/@me")
+    if req.status_code != 200:
+        abort(req.status_code)
+    user = req.json()
+    return user
+
+@user.route("/login_authenticated", methods=["GET"])
+def login_authenticated():
+    scope = ['identify', 'guilds', 'guilds.join']
+    discord = make_session(scope=scope)
+    authorization_url, state = discord.authorization_url(
+        authorize_url,
+        access_type="offline"
+    )
+    session['oauth2_state'] = state
+    return redirect(authorization_url)
+
+@user.route('/callback', methods=["GET"])
+def callback():
+    state = session.get('oauth2_state')
+    if not state or request.values.get('error'):
+        return "state error"
+    discord = make_session(state=state)
+    discord_token = discord.fetch_token(
+        token_url,
+        client_secret=config['client-secret'],
+        authorization_response=request.url)
+    if not discord_token:
+        return "no discord token"
+    session['discord_token'] = discord_token
+    return str(discord_token)
+
+@user.route('/logout', methods=["GET"])
+def logout():
+    session.clear()
+    return "logged out"
+
+@user.route('/me')
+def me():
+    return jsonify(user=get_current_user())
+
+@user.route('/avatar')
+def avatar():
+    user = get_current_user()
+    return avatar_base_url + str(user['id']) + '/' + str(user['avatar']) + '.jpg'