Flask-login not logging in-CodePudding

Flask-login should log in and redirect to /home, but instead logging in goes to the unauthorized handler and back to the login page.

Here's my app.py:

#!/usr/bin/python3
from flask import Flask, request, render_template, url_for, redirect
from ft_libraries import *
from flask_login import LoginManager, login_user, login_required

with open(os.path.join(sys.path[0], "settings.json"), "r") as f:
    config=json.load(f)


app = Flask(__name__)
app.config['SECRET_KEY'] = "SuperSecretKey!"
app.config['TESTING'] = False


login_manager=LoginManager()
login_manager.init_app(app)
login_manager.login_view = 'login'

@login_manager.user_loader
def load_user(user):
    user = User(username, password)
    if user.is_authenticated():
        return user
    else:
        return None

@login_manager.unauthorized_handler
def unauthorized():
    return redirect('/login?next='   request.path)


@app.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'POST':
        username=request.form['username']
        password=request.form['password']
        global user_login
        user_login=User(username, password)
        if user_login.is_authenticated():
            login_user(user_login, remember=True)
            return redirect(url_for('home'))
        else:
            return render_template('login.html', error='<div class="error">Er is een probleem opgetreden.</div>')

    return render_template('login.html')

@app.route('/home')
@login_required
def home():
    return render_template('base.html', uid=user_login.get_id())


@app.route("/home/postcodecheck", methods=['GET', 'POST'])
@login_required
def postcodecheck():

    if request.method=='GET':
        return render_template('tools/postcodecheck/_input.html', uid="Testgebruiker")

    if request.method=='POST':
        ref=request.form['reference']
        pofo=request.form["portfolio"]
        zip=request.form['zipcode']
        housenr=request.form['housenr']
        housenrext=request.form.get('housenrextension')

        output = fieldtoolslib.PostcodeCheck( ref, pofo,
                                            zip, housenr,
                                            housenrext).get_tables()

        return render_template('tools/postcodecheck/_output.html', output=output)


if __name__ == '__main__':
    app.run(debug=True)

aswell as my User object, which works using LDAP and some static returns(which aren't gonna be used):

class User:
    def __init__(self, username, password):
        self.username = username
        self.password = password
    def is_authenticated(self):
        if LdapConn(ldap_server, self.username, self.password).confirm_login():
            return True
        else:
            return False
    def is_active(self):
        return True
    def is_anonymous(self):
        return False
    def get_id(self):
        domain,id = self.username.split("\\")
        return id

What it should be doing is redirect the user to the place it came from, or to /home, but instead it redirects to /login?next=/home.

CodePudding user response：

In your unauthorized_handler you explicitly redirect to /login?next=

@login_manager.unauthorized_handler
def unauthorized():
return redirect('/login?next='   request.path)

You should get the next element and then redirect to it without prefixing /login

next = flask.request.args.get('next')
    # is_safe_url should check if the url is safe for redirects.
    # See http://flask.pocoo.org/snippets/62/ for an example.

if not is_safe_url(next):
   return flask.abort(400)

return flask.redirect(next or flask.url_for('index'))

CodePudding user response：

I fixed it. On Line 22, I changed:

if user.is_authenticated()

if user.is_authenticated:

This fixed my issue.

I thought it had to be a method, however, is_authenticated is a property of user, not a method that is applicable. Therefore, changing it fixed the issue.