python - Flask-Login opens login-required pages for Anonymous Users -
in flask app, want redirect users logged in members area when open login page. using flask-login extension.
now issue anonymous users can open member page without having log in though has login-required decorator. when checked terminal error on members page opened anonymous user:
error on request: traceback (most recent call last): file "/home/maxwell/py/aqua/lib/python2.7/site-packages/werkzeug/serving.py", line 209, in run_wsgi execute(self.server.app) file "/home/maxwell/py/aqua/lib/python2.7/site-packages/werkzeug/serving.py", line 200, in execute write(data) file "/home/maxwell/py/aqua/lib/python2.7/site-packages/werkzeug/serving.py", line 168, in write self.send_header(key, value) file "/usr/lib/python2.7/basehttpserver.py", line 412, in send_header self.wfile.write("%s: %s\r\n" % (keyword, value)) ioerror: [errno 32] broken pipe this flask code. pasting bits think necessary:
import os flask import flask, render_template, redirect, flash, request, url_for flask_login import loginmanager, login_user, logout_user, login_required, current_user flask_bcrypt import bcrypt flask_debugtoolbar import debugtoolbarextension flask_sqlalchemy import sqlalchemy sqlalchemy.exc import integrityerror forms import loginform, registerform flask_bootstrap import bootstrap datetime import timedelta ############## ### config ### ############## app = flask(__name__) app.config.from_object('config') db = sqlalchemy(app) models import user, pvalue, history, anonymous ############## # extensions # ############## login_manager = loginmanager() login_manager.init_app(app) bcrypt = bcrypt(app) toolbar = debugtoolbarextension(app) bootstrap = bootstrap(app) ################## ####flask-login### ################## login_manager.login_view = "login" login_manager.login_message_category = 'danger' login_manager.anonymous_user = anonymous @login_manager.user_loader def load_user(user_id): return user.query.filter(user.id == user_id).first() @app.route('/', methods = ['get','post']) def login(): if current_user.is_authenticated(): return redirect(url_for('dashboard')) form = loginform(request.form) if request.method == 'post': print("first if") if form.validate_on_submit(): print("second if") user1 = user.query.filter_by(username = form.username.data).first() if user1 , bcrypt.check_password_hash(user1.password, request.form['password']): login_user(user1) flash('you logged in. welcome!','success') return redirect(url_for('dashboard')) else: flash('invalid username and/or password.','danger') return render_template('login.html', title = "please login", form = form) else: return render_template('login.html', form=form) i using current_user.is_authenticated() check if user logged in.
now set login view 'login' default when anonymous user enters route login-required decorator supposed go login route not happen.
and models.py containing anonymoususermixin object necessary return values anonymous user:
from views import db import datetime flask_login import usermixin, anonymoususermixin class user(db.model, usermixin): __tablename__ = 'users' id = db.column(db.integer, primary_key=true) username = db.column(db.string, nullable = false) password = db.column(db.string, nullable = false) def __init__(self, username = none, password = none): self.username = username self.password = password def is_authenticated(self): return true def is_active(self): return true def is_anonymous(self): return false def get_id(self): return self.id class anonymous(anonymoususermixin): def __init__(self): print "exec" def is_authenticated(self): return false def is_active(self): return false def is_anonymous(self): return true def get_id(self): return none i not able figure out why broken pipe error keeps occurring. installed library or there mistake in code?
i solved removing other methods anonymous class. anonymous class has username assigned guest.
class anonymous(anonymoususermixin): def __init__(self): self.username = 'guest' then check if user logged in put
if current_user not 'guest': return redirect(url_for('dashboard')) but still don't know why earlier is_authenticated method did not work.
Comments
Post a Comment