It's hard for me to use a flash logic structure for authentication. I looked at the documentation as thoroughly as possible, but apparently I am missing something obvious.
class User(): def __init__(self, userid=None, username=None, password=None): self.userid = userid self.username = username self.password = password def is_authenticated(self): return True def is_active(self): return True def is_anonymous(self): return False def get_id(self): return unicode(self.userid) def __repr__(self): return '<User %r>' % self.username def find_by_username(username): try: data = app.mongo.db.users.find_one_or_404({'username': username}) user = User() user.userid = data['_id'] user.username = data['username'] user.password = data['password'] return user except HTTPException: return None def find_by_id(userid): try: data = app.mongo.db.users.find_one_or_404({'_id': userid}) user = User(data['_id'], data['username'], data['password']) return user except HTTPException: return None
Above, my user class is in users/models.py
login_manager = LoginManager() login_manager.init_app(app) login_manager.login_view = 'users.login' @login_manager.user_loader def load_user(userid): return find_by_id(userid)
This is my custom bootloader.
@mod.route('/login/', methods=['GET', 'POST']) def login(): form = LoginForm() if form.validate_on_submit(): pw_hash = hashlib.md5(form.password.data).hexdigest() user = find_by_username(form.username.data) if user is not None: if user.password == pw_hash: if login_user(user): flash('Logged in successfully.') return redirect(request.args.get('next') or url_for('users.test')) else: flash('Error') else: flash('Username or password incorrect') else: flash('Username or password incorrect') return render_template('users/login.html', form=form)
There is apparently no error message, but when I try to access any views decorated with @login_required , it redirects me to the login form. It is better, as I can say, the login_user function does not actually work, although it returns True when I called it. Any advice is appreciated.
source share