GAE Glass mirror creating multiple oauth signins per user

Question

I've created a Glass app in Python. I began with the mirror quickstart for Python and have my app running fine except some users are getting multiple notifications. I only have one row per user in my Credentials table, however when I go and look at my own Authorized Access on my account I see that I have my Glass project listed 8 separate times.

Can anyone tell me how to check and see if the user has previously granted access to my app when they sign in and if so then skip creating a new token.

Answer 1

You can use the user's ID to prevent storing more than one credential for each user.

When you complete the OAuth flow, you'll receive an ID token along with the access and refresh tokens. If you decode this token, you'll see something like this:

{
  "iss":"accounts.google.com",  
  "at_hash":"HK6E_P6Dh8Y93mRNtsDB1Q",  
  "email_verified":"true",  
  "sub":"10769150350006150715113082367",
  "azp":"1234987819200.apps.googleusercontent.com",        
  "email":"[email protected]",  
  "aud":"1234987819200.apps.googleusercontent.com",  
  "iat":1353601026,  
  "exp":1353604926 
}

The sub key is the one you're interested in. Use this value to uniquely identify your user. If you see a user authenticate with a user ID that you already know, replace the old value.

If you update your question to include the code you're using for your OAuth flow, we can provide more specific advice. Or, you can learn more about this from Google's OAuth documentation.