arrow_back

App Dev: Adding User Authentication to your Application - Python

Sign in Join
Quick tip: Review the prerequisites before you run the lab
Use an Incognito or private browser window to run this lab. This prevents any conflicts between your personal account and the student account, which may cause extra charges incurred to your personal account.
Test and share your knowledge with our community!
done
Get access to over 700 hands-on labs, skill badges, and courses

App Dev: Adding User Authentication to your Application - Python

Lab 1 hour universal_currency_alt 5 Credits show_chart Intermediate
info This lab may incorporate AI tools to support your learning.
Test and share your knowledge with our community!
done
Get access to over 700 hands-on labs, skill badges, and courses

GSP186

Google Cloud self-paced labs logo

Overview

This lab shows how to add authentication to your application using Identity Platform. This authorization identifies who you are, and determines what you can do. For more information, see Authentication Overview.

Identity Platform provides a drop-in, customizable authentication service for user sign-up and sign-in. Development and admin activities are made easier with a range of app SDKs (Android, iOS, and web) as well as admin SDKs (Node.js, Java, Python, and more). For more information about Identity Platform, see Identity Platform.

The application used in this lab is an online Quiz application. You add Identity Platform authentication, and then configure authentication to use a simple email address and password credential. Finally you ensure that users must register and log in before taking a quiz.

What you'll learn

In this lab, you perform the following tasks:

  • Add Identity Platform configuration to a client-side web application
  • Write Python code to integrate Identity Platform Authentication into a client-side web application

Setup and requirements

Before you click the Start Lab button

Read these instructions. Labs are timed and you cannot pause them. The timer, which starts when you click Start Lab, shows how long Google Cloud resources are made available to you.

This hands-on lab lets you do the lab activities in a real cloud environment, not in a simulation or demo environment. It does so by giving you new, temporary credentials you use to sign in and access Google Cloud for the duration of the lab.

To complete this lab, you need:

  • Access to a standard internet browser (Chrome browser recommended).
Note: Use an Incognito (recommended) or private browser window to run this lab. This prevents conflicts between your personal account and the student account, which may cause extra charges incurred to your personal account.
  • Time to complete the lab—remember, once you start, you cannot pause a lab.
Note: Use only the student account for this lab. If you use a different Google Cloud account, you may incur charges to that account.

How to start your lab and sign in to the Google Cloud console

  1. Click the Start Lab button. If you need to pay for the lab, a dialog opens for you to select your payment method. On the left is the Lab Details pane with the following:

    • The Open Google Cloud console button
    • Time remaining
    • The temporary credentials that you must use for this lab
    • Other information, if needed, to step through this lab

  2. Click Open Google Cloud console (or right-click and select Open Link in Incognito Window if you are running the Chrome browser).

    The lab spins up resources, and then opens another tab that shows the Sign in page.

    Tip: Arrange the tabs in separate windows, side-by-side.

    Note: If you see the Choose an account dialog, click Use Another Account.

  3. If necessary, copy the Username below and paste it into the Sign in dialog.

    {{{user_0.username | "Username"}}}

    You can also find the Username in the Lab Details pane.

  4. Click Next.

  5. Copy the Password below and paste it into the Welcome dialog.

    {{{user_0.password | "Password"}}}

    You can also find the Password in the Lab Details pane.

  6. Click Next.

    Important: You must use the credentials the lab provides you. Do not use your Google Cloud account credentials. Note: Using your own Google Cloud account for this lab may incur extra charges.

  7. Click through the subsequent pages:

    • Accept the terms and conditions.
    • Do not add recovery options or two-factor authentication (because this is a temporary account).
    • Do not sign up for free trials.

After a few moments, the Google Cloud console opens in this tab.

Note: To access Google Cloud products and services, click the Navigation menu or type the service or product name in the Search field. Navigation menu icon and Search field

Activate Cloud Shell

Cloud Shell is a virtual machine that is loaded with development tools. It offers a persistent 5GB home directory and runs on the Google Cloud. Cloud Shell provides command-line access to your Google Cloud resources.

  1. Click Activate Cloud Shell Activate Cloud Shell icon at the top of the Google Cloud console.

  2. Click through the following windows:

    • Continue through the Cloud Shell information window.
    • Authorize Cloud Shell to use your credentials to make Google Cloud API calls.

When you are connected, you are already authenticated, and the project is set to your Project_ID, . The output contains a line that declares the Project_ID for this session:

Your Cloud Platform project in this session is set to {{{project_0.project_id | "PROJECT_ID"}}}

gcloud is the command-line tool for Google Cloud. It comes pre-installed on Cloud Shell and supports tab-completion.

  1. (Optional) You can list the active account name with this command:
gcloud auth list
  1. Click Authorize.

Output:

ACTIVE: * ACCOUNT: {{{user_0.username | "ACCOUNT"}}} To set the active account, run: $ gcloud config set account `ACCOUNT`
  1. (Optional) You can list the project ID with this command:
gcloud config list project

Output:

[core] project = {{{project_0.project_id | "PROJECT_ID"}}} Note: For full documentation of gcloud, in Google Cloud, refer to the gcloud CLI overview guide.

Launch the Cloud Shell code editor

From Cloud Shell toolbar, move Cloud Shell to a new window by clicking the Open in new window icon Open in new window icon, then click Open Editor Open Editor icon icon to launch the code editor.

In the Cloud Shell terminal, run the following command to configure your Project ID, replacing <YOUR-PROJECT-ID> with your lab Project ID:

gcloud config set project <YOUR-PROJECT-ID>

Authorize Cloud Shell.

Task 1. Prepare the case study application

In this task, you clone, configure, and run the Quiz application.

Clone source code in Cloud Shell

  1. Clone the application skeleton from a repository on GitHub.com:

    git clone https://github.com/GoogleCloudPlatform/training-data-analyst

  2. Create a soft link as a shortcut to the working directory:

    ln -s ~/training-data-analyst/courses/developingapps/v1.3/python/firebase ~/firebase

Configure and run the case study application

  1. Navigate to the directory that contains the sample files for this lab:

    cd ~/firebase/start

  2. Run the following command to change the region from us-central to your default assigned region:

    export REGION={{{ project_0.startup_script.app_region | REGION }}} sed -i "s/us-central/$REGION/g" prepare_environment.sh

  3. Configure the application:

    . prepare_environment.sh

    This script file:

    • Creates an App Engine application.
    • Creates a Cloud Storage bucket named gs:[Project-ID]-media.
    • Exports two environment variables: GCLOUD_PROJECT and GCLOUD_BUCKET.
    • Creates a virtualenv isolated Python environment for Python 3 and activates it.
    • Runs > pip install -r requirements.txt.
    • Creates entities in Cloud Datastore.
    • Prints out the Google Cloud Platform Project ID.

Click Check my progress to verify the objective. Configure the case study application

  1. Run the application:

    python run_server.py

Start the case study application

  • In Cloud Shell, click Web preview Web preveiw icon > Preview on port 8080 to preview the Quiz application.

Leave this window open because you need the Cloud Shell Web preview domain later in this lab.

Task 2. Examine the case study application code

In this task you examine the case study application code. You can use the shell editors that are installed on Cloud Shell, such as nano or vim or the Cloud Shell code editor.

This lab uses the Cloud Shell code editor to review the Quiz application code.

Launch the Cloud Shell code editor

  • From Cloud Shell, click Open Editor to launch the code editor.

Open Editor button

Note: If necessary, click Open in a new window. You can switch back to the terminal with Open Terminal.

Review the client application

  1. Navigate to the /firebase/start folder using the file browser panel on the left side of the code editor.

  2. Continue navigating. Open ...quiz/webapp/static/client/. Click on the index.html file.

    This file is the single page in the AngularJS Single Page Application (SPA). It contains <script></script> tags for the application libraries and code, and markup where the SPA will render dynamic output.

  3. Select the qiq-login-template.html file in the ...quiz/webapp/static/client/app/auth/ folder.

    This file contains the AngularJS template for the Login component. Notice how it contains a couple of textboxes and a button. The button has an event handler that runs code when it is clicked.

  4. Still in this folder, select the qiq-login.js file.

    This file contains an AngularJS component. It allows the user to log in to the application or to navigate to a registration page.

Task 3. Configure Identity Platform Authentication

In this task, you configure Identity Platform to sign in a user with an email and password. You then create a user which you can use to login to the Quiz Application.

Configure Identity Platform for email and password

  1. In the Google Cloud Console, on the Navigation menu (Navigation menu icon), click Identity Platform.

  2. Click Enable Identity Platform.

    Note: If you see the Leave site pop-up message, click Leave.

    The Identity Platform page appears in the Cloud Console.

    The Add a Provider button.

  3. Click Add a Provider.

  4. In the Sign-in method window, for Select a provider, select Email / Password.

  5. Click Enabled.

  6. In the Authorized Domains pane, click Add Domain.

  7. Return to the running Quiz Application and copy the domain which has the format below

8080-27542cac-44d0-41a9-9e96-065800c2100c.ql-{{{project_0.default_region | "REGION"}}}-ctgq.cloudshell.dev

Add authorized domain dialog box

  1. Paste the domain into the Domain field.

  2. Modify the pasted domain so that only the domain name is in the Domain field.

    You should remove https:// and anything that follows the domain name, including slashes. The domain name should end with cloudshell.dev.

  3. Click Save.

Note: If you receive an error message indicating that you should try again later, you probably submitted more than just the domain name. You should click Cancel in the dialog box and then click Add Domain to try again.

  1. In the new identity provider window click Save.

    You may need to scroll down to see the Save button.

Add a user

  1. In the Identity Platform pane, click Users.

  2. Click Add User.

  3. In the Add user dialog box, specify the following:

    Email

    user1@example.com

    Password

    abc123!

  4. Click Add.

Click Check my progress to verify the objective. Configure Identity Platform Authentication

Task 4. Integrate a client-side web application with Identity Platform

In this task you apply your Identity Platform configuration to your client-side web application.

  1. In the navigation pane, click Providers.

  2. Click Application Setup Details.

  3. In the Configure your application dialog box, copy the Identity Platform markup.

    The highlighted Copy icon

  4. Click Close.

  5. In the Cloud Shell code editor, open the index.html file in ...webapp/static/client/.

  6. Paste the configuration markup just before the other <script></script> tags at the bottom of the page.

  7. Save the index.html file.

Task 5. Run the application

In this task you verify that you can login to the Quiz Application using the credentials you created in Identity Platform in a previous step. You then register a new user in the Quiz Application and verify that these credentials are added to Identity Platform.

  1. Return to the Quiz application and refresh your browser.

  2. In the navigation bar, click Take Test.

    The Quite Interesting Quiz page.

  3. In the navigation bar, click GCP, People, or Places.

    Note: The quiz pages will be blank because you should not be able to take a test without being logged in.

  4. In the navigation bar, enter the following invalid credentials:

    Email

    user2@example.com

    Password

    abcd1234$

  5. Click Login.

    Note: Login will fail because the user is not registered.

  6. Enter the following credentials that you created in a previous task:

    Email

    user1@example.com

    Password

    abc123!

  7. Click Login.

    The user's email address should be shown in the navigation bar, and the first question will be presented.

    Note: If the login does not work, the password may not have been configured correctly. Return to the Users page in Identity Platform and delete user1@example.com, and then add user1@example.com with the correct password.

  8. In the navigation bar, click Logout.

  9. Click the Register link.

  10. In the new form, enter the following credentials:

    Email

    user2@example.com

    Password

    abcd1234$

  11. Click Register.

    A complex password is required. If you have entered an acceptable password, you should be logged in and redirected to the GCP quiz.

    You are able to answer questions and submit answers.

  12. In the navigation bar, click Logout.

    Note: You will be logged out and redirected to the Quiz homepage.

  13. In the Google Cloud Console, in the Identity Platform navigation pane, click Users.

    Note: You should see user2@example.com has been added as a user.

Congratulations!

In this lab, you learned how to use Identity Platform to enable email and password registration for your application.

Manual last updated November 13, 2024

Lab last tested November 13, 2024

Copyright 2025 Google LLC All rights reserved. Google and the Google logo are trademarks of Google LLC. All other company and product names may be trademarks of the respective companies with which they are associated.

Before you begin

  1. Labs create a Google Cloud project and resources for a fixed time
  2. Labs have a time limit and no pause feature. If you end the lab, you'll have to restart from the beginning.
  3. On the top left of your screen, click Start lab to begin

Use private browsing

  1. Copy the provided Username and Password for the lab
  2. Click Open console in private mode

Sign in to the Console

  1. Sign in using your lab credentials. Using other credentials might cause errors or incur charges.
  2. Accept the terms, and skip the recovery resource page
  3. Don't click End lab unless you've finished the lab or want to restart it, as it will clear your work and remove the project

This content is not currently available

We will notify you via email when it becomes available

Great!

We will contact you via email if it becomes available

One lab at a time

Confirm to end all existing labs and start this one

Setup your console before you begin

Use an Incognito or private browser window to run this lab. This prevents any conflicts between your personal account and the Student account, which may cause extra charges incurred to your personal account.