Skip to content
A simple Flask/MongoDB API boilerplate with user account creation, token-based authentication, and login-protected routes.
Python Shell HTML JavaScript CSS
Branch: master
Clone or download
Luke Peters Luke Peters
Latest commit 3681cf9 Mar 15, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.
web Fixed form labels on demo front-end app Feb 17, 2019
.gitignore First push to GitHub Feb 17, 2019
Pipfile Switched to isodate vs epoch for all timestamps. Utilzing Python's uu… Mar 15, 2019 Switched to isodate vs epoch for all timestamps. Utilzing Python's uu… Mar 15, 2019
setup Wording change in setup script. Added 'plan' property back onto users. Mar 15, 2019


  • MongoDB
  • Python 3 (defaults to Python 3.7, but you can change this in the Pipfile before setup)

Setup instructions

  1. Clone this repo to your local web server
  2. cd into the directory within the terminal
  3. Run ./setup to setup pipenv and configure the Flask app

Here's a quick video of the setup process (no audio): flask-mongo-api-boilerplate-setup.mp4

Running the app

  1. Run pipenv shell to activate the virtual environment
  2. Run ./run to start the Flask application

Further configuration

You can configure the app manually by editing the api/main/config/config.cfg file.

Auth tokens

There is a very basic front-end example in place within the /web directory. It demonstrates making a few API calls (User Add and User Login).

A successful login request will return two tokens: AccessToken and RefreshToken. These should be saved to localStorage and used to set the AccessToken and RefreshToken request headers for all protected routes (e.g. GET /user/).

You can refresh the AccessToken when it returns as expired by submitting a request to GET /user/auth/.


Please excuse the brief instructions. I've only run this in my own environment (MacOS, Python 3.7, MongoDB 4.0.4, pipenv 2018.11.14) so it may not run out of the box on your computer, but I'd be happy to help debug if you get stuck. Reach out to me on Twitter: @MoonlightLuke

You can’t perform that action at this time.