I'm using flask-login to make sure users are logged in before they can access certain pages. I'm using @login_required on the view I want to protect, but even though I'm setting login_user(user) where I'm wanting to set the user, it does not let me go into my protected route (index). I'm printing out the value of my user_login(user) and it returns True. What am I doing wrong?
@app.route('/')
@app.route('/index')
@login_required
def index():
print("was in here", file=sys.stderr)
return render_template('index.html')
This is the route where I set the user_login(user)
@app.route('/authenticate')
def authenticate():
code = request.args.get('code')
state = request.args.get('state')
quiz_auth_response = quizlet_auth(code, state)
g.token = quiz_auth_response['token']
response = json.loads(make_request(quiz_auth_response['user_name']))
try:
user = models.User.get(models.User.username == response['username'])
login_user(user)
except models.DoesNotExist:
print("does not exist", file=sys.stderr)
user = models.User.create_user(response['username'], response['id'])
return redirect('/index')
else:
login_user(user)
print("log in user " + str(login_user(user)), file=sys.stderr)
login_user(user)
return redirect('/index')
Here is my user_loader
@login_manager.user_loader
def load_user(userid):
try:
return models.User.get(models.User.id == userid)
except models.DoesNotExist:
return None
Here is my User model
sqlite_db = SqliteDatabase('sqlite.db')
class BaseModel(Model):
class Meta:
database = sqlite_db
class User(UserMixin, BaseModel):
username = CharField(unique=True)
quizlet_id = CharField(unique=True)
joined_at = DateTimeField(default=datetime.datetime.now)
@classmethod
def create_user(cls, username, quiz_id, **kwards):
try:
cls.select().where(
(cls.username == username) | (cls.quizlet_id == quiz_id)
).get()
except cls.DoesNotExist:
print("putting user in thing", file=sys.stderr)
user = cls(username = username, quizlet_id = quiz_id)
print(user.username)
user.save()
return user
else:
raise Exception("User with that email exists already")
@staticmethod
def set_password(password):
return generate_password_hash(password.encode('utf-8'))
Just spent the last 2 hours trying to fix this and realized that it was because off the configuration that the login_required was not working
On my local development environment, I had set
app.config['TESTING'] = True
From the flask-login documentation
If the application configuration variable LOGIN_DISABLED or TESTING is set to True, the login_required decorator will be ignored
set it back to this and got it working
app.config['TESTING'] = False