2
我正在使用Flask應用程序並使用Flask登錄進行身份驗證。一切都建立並運行。但是,當用戶登錄並嘗試訪問需要登錄的頁面時,它們將被重定向到登錄頁面。Python瓶登錄login_required重定向
當看控制檯時,我得到了一個用於GET登錄頁面的200,一個用於登錄的POST 200,一個從登錄頁面到主頁的302,然後從主頁返回302到登錄。
查看下面的代碼。
from flask import (Flask, render_template, g, flash, redirect, url_for,
request)
from flask_bcrypt import check_password_hash
from flask_login import (LoginManager, UserMixin, login_required, login_user,
logout_user, current_user)
import models
import forms
application = Flask(__name__)
application.secret_key = "xxx-xxx-xxx-xxx"
login_manager = LoginManager()
login_manager.init_app(application)
login_manager.login_view = "login"
@application.before_request
def before_request():
g.db = models.DATABASE
g.db.connect()
g.user = current_user
@application.after_request
def after_request(response):
g.db.close()
return response
@login_manager.user_loader
def load_user(email):
try:
return models.User.select().where(
models.User.email == email).get()
except models.DoesNotExist:
return None
@application.route("/register", methods=['GET', 'POST'])
def register():
form = forms.RegisterForm()
if form.validate_on_submit():
flash("Yay! You registered!", "success")
models.User.create_user(
email = form.email.data,
password = form.password.data
)
return redirect(url_for('home'))
return render_template('register.html',form=form)
@application.route("/login", methods=['GET', 'POST'])
def login():
form = forms.LoginForm()
if form.validate_on_submit():
next = request.args.get('next')
try:
user = models.User.get(models.User.email == form.email.data)
except models.DoesNotExist:
flash("Your email or password doesn't match!", "error")
else:
if check_password_hash(user.password, form.password.data):
login_user(user, remember=True)
flash("Welcome back!", "success")
return redirect(next or url_for("home"))
else:
flash("Your email or password doesn't match!", "error")
return render_template("login.html", form=form)
@application.route("/logout")
@login_required
def logout():
logout_user()
flash("You've been logged out!", "success")
return redirect(url_for("home"))
@application.route("/")
@login_required
def home():
return render_template("home.html")
if __name__ == "__main__":
models.initialize()
application.run(host='0.0.0.0')
這裏是模型:
import datetime
from flask_login import UserMixin
from flask_bcrypt import generate_password_hash, check_password_hash
from peewee import *
DATABASE = MySQLDatabase("fakedatabasename", host="fakehostname", user="fakeusername", password="fakepassword")
class BaseModel(Model):
class Meta:
database = DATABASE
class Preachers(BaseModel):
preacher_id = PrimaryKeyField()
preacher_first_name = CharField(max_length=27)
preacher_last_name = CharField(max_length=27)
preacher_email = CharField()
class Sermons(BaseModel):
sermon_id = PrimaryKeyField()
sermon_title = CharField(max_length=27)
sermon_description = CharField(max_length=140)
sermon_date = DateTimeField(default=datetime.datetime.now())
sermon_preacher_id = IntegerField()
sermon_video_uri = CharField(max_length=255)
class User(UserMixin,BaseModel):
user_id = PrimaryKeyField()
email = CharField(index=True, unique=True)
password = CharField()
date_created = DateTimeField(default=datetime.datetime.now())
@classmethod
def create_user(cls, email, password):
try:
cls.create(
email = email,
password = generate_password_hash(password)
)
except IntegrityError:
raise ValueError("User already exists")
def initialize():
DATABASE.connect()
DATABASE.create_tables([Preachers, Sermons, User], safe=True)
DATABASE.close()
雖然您正在運行本地,請不要共享密鑰 – glls
您應該現在更改密鑰。這是一個巨大的安全漏洞。 –
你的用戶模型是什麼樣的?你是否從'User.get_id'返回'self.email'? – dirn