from flask import Flask from flask.ext.login import LoginManager app = Flask(__name__) login_manager = LoginManager() login_manager.init_app(app) @login_manager.unauthorized_handler def unauthorized(): return 'You must login to access this page.' @login_manager.user_loader def load_user(userid): return User.get(userid) login_manager.login_view = 'login'
from flask import Flask, render_template, request, redirect, url_for from flask.ext.login import LoginManager, UserMixin, login_user, logout_user, login_required app = Flask(__name__) login_manager = LoginManager() login_manager.init_app(app) class User(UserMixin): def __init__(self, id, name, password): self.id = id self.name = name self.password = password def __repr__(self): return "{}".format(self.name) users = { 1: User(1, 'user1', 'password'), 2: User(2, 'user2', 'password'), 3: User(3, 'user3', 'password') } @app.route('/') def index(): return 'This is a public page' @app.route('/login', methods=['GET', 'POST']) def login(): if request.method == 'POST': name = request.form['name'] password = request.form['password'] for id, user in users.items(): if user.name == name and user.password == password: login_user(user) return redirect(url_for('protected')) return 'Invalid login' else: return render_template('login.html') @app.route('/logout') def logout(): logout_user() return redirect(url_for('index')) @app.route('/protected') @login_required def protected(): return 'This is a protected page' @login_manager.user_loader def load_user(userid): return users.get(int(userid)) login_manager.login_view = 'login'In this example, we define the same Flask app and LoginManager object. We also define a User class and a dictionary of user objects. We then define three routes: the index page (which is public), the login page, and the logout page. The login page displays a form where users can enter their name and password. If a valid name/password combination is entered, the user is logged in using the login_user function, and then redirected to the protected page. The protected page is only accessible to logged-in users, thanks to the @login_required decorator. Finally, we define a user_loader function that loads users based on their ID, and set the login_view attribute to 'login' as before. Overall, the flask.ext.login package provides an easy-to-use and robust solution for handling user authentication and session management in Flask applications.