Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/maxcountryman/flask-login
Flask user session management.
https://github.com/maxcountryman/flask-login
authentication login-system session-management
Last synced: 5 days ago
JSON representation
Flask user session management.
- Host: GitHub
- URL: https://github.com/maxcountryman/flask-login
- Owner: maxcountryman
- License: mit
- Created: 2012-03-11T14:42:33.000Z (almost 13 years ago)
- Default Branch: main
- Last Pushed: 2024-10-25T23:23:06.000Z (about 2 months ago)
- Last Synced: 2024-10-29T15:54:52.007Z (about 2 months ago)
- Topics: authentication, login-system, session-management
- Language: Python
- Homepage: https://flask-login.readthedocs.io/
- Size: 838 KB
- Stars: 3,577
- Watchers: 71
- Forks: 802
- Open Issues: 16
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGES.md
- Contributing: CONTRIBUTING.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
- awesome-flask - Flask-Login - Flask user session management (Authentication)
- awesome-flask - Flask-Login - Flask user session management (Authentication)
- best-of-web-python - GitHub - 3% open · ⏱️ 01.06.2024): (Authorization & Authentication)
- awesome-python-decorator - flask-login - Login provides user session management for Flask. (Python decorator in the wild)
- awesome-flask - Flask-Login - Flask user session management (Authentication)
- jimsghstars - maxcountryman/flask-login - Flask user session management. (Python)
README
# Flask-Login
Flask-Login provides user session management for [Flask][]. It handles the common
tasks of logging in, logging out, and remembering your users' sessions over
extended periods of time.Flask-Login is not bound to any particular database system or permissions
model. The only requirement is that your user objects implement a few methods,
and that you provide a callback to the extension capable of loading users from
their ID.Read the documentation at .
[Flask]: https://flask.palletsprojects.com
## A Basic Example
Let's walk through setting up a basic application. Note that this is a very basic guide:
we will be taking shortcuts here that you should never take in a real application.To begin we'll set up a Flask app and a `LoginManager` from Flask-Login.
```python
import flask
import flask_loginapp = flask.Flask(__name__)
app.secret_key = "super secret string" # Change this!login_manager = flask_login.LoginManager()
login_manager.init_app(app)
```To keep things simple we're going to use a basic `User` class and a dictionary to
represent a database of users. In a real application, this would be an actual
persistence layer. However, it's important to point out this is a feature of
Flask-Login: it doesn't care how your data is stored so long as you tell it how to
retrieve it!```python
class User(flask_login.UserMixin):
def __init__(self, email, password):
self.id = email
self.password = passwordusers = {"leafstorm": User("leafstorm", "secret")}
```We also need to tell the login manager how to load a user from a request by defining its
`user_loader` callback. If no user is found it returns `None`.```python
@login_manager.user_loader
def user_loader(id):
return users.get(id)
```Now we're ready to define our views. The login view will populate the session with
authentication info. The protected view will only be avialble to authenticated users;
visiting it otherwise will show an error. The logout view clearing the session.```python
@app.get("/login")
def login():
return """
Email:
Password:
Log In
"""@app.post("/login")
def login():
user = users.get(flask.request.form["email"])if user is None or user.password != flask.request.form["password"]:
return flask.redirect(flask.url_for("login"))flask_login.login_user(user)
return flask.redirect(flask.url_for("protected"))@app.route("/protected")
@flask_login.login_required
def protected():
return flask.render_template_string(
"Logged in as: {{ user.id }}",
user=flask_login.current_user
)@app.route("/logout")
def logout():
flask_login.logout_user()
return "Logged out"
```