| Vulnerabilities | |||||
|---|---|---|---|---|---|
| Version | Suggest | Low | Medium | High | Critical |
| 0.6.3 | 0 | 0 | 0 | 0 | 0 |
| 0.6.2 | 0 | 0 | 0 | 0 | 0 |
| 0.6.1 | 0 | 0 | 0 | 0 | 0 |
| 0.6.0 | 0 | 0 | 0 | 0 | 0 |
| 0.5.0 | 0 | 0 | 0 | 0 | 0 |
| 0.4.1 | 0 | 0 | 0 | 0 | 0 |
| 0.4.0 | 0 | 0 | 0 | 0 | 0 |
| 0.3.2 | 0 | 0 | 0 | 0 | 0 |
| 0.3.1 | 0 | 0 | 0 | 0 | 0 |
| 0.3.0 | 0 | 0 | 0 | 0 | 0 |
| 0.2.11 | 0 | 0 | 0 | 0 | 0 |
| 0.2.10 | 0 | 0 | 0 | 0 | 0 |
| 0.2.9 | 0 | 0 | 0 | 0 | 0 |
| 0.2.8 | 0 | 0 | 0 | 0 | 0 |
| 0.2.7 | 0 | 0 | 0 | 0 | 0 |
| 0.2.6 | 0 | 0 | 0 | 0 | 0 |
| 0.2.5 | 0 | 0 | 0 | 0 | 0 |
| 0.2.4 | 0 | 0 | 0 | 0 | 0 |
| 0.2.3 | 0 | 0 | 0 | 0 | 0 |
| 0.2.2 | 0 | 0 | 0 | 0 | 0 |
| 0.2.1 | 0 | 0 | 0 | 0 | 0 |
| 0.2.0 | 0 | 0 | 0 | 0 | 0 |
| 0.1.3 | 0 | 0 | 0 | 0 | 0 |
| 0.1.2 | 0 | 0 | 0 | 0 | 0 |
| 0.1.1 | 0 | 0 | 0 | 0 | 0 |
0.6.3 - This version is safe to use because it has no known security vulnerabilities at this time. Find out if your coding project uses this component and get notified of any reported security vulnerabilities with Meterian-X Open Source Security Platform
Maintain your licence declarations and avoid unwanted licences to protect your IP the way you intended.
MIT - MIT LicenseFlask-Login provides user session management for Flask. It handles the common tasks of logging in, logging out, and remembering your users' sessions over extended periods of time.
Flask-Login is not bound to any particular database system or permissions model. The only requirement is that your user objects implement a few methods, and that you provide a callback to the extension capable of loading users from their ID.
Read the documentation at https://flask-login.readthedocs.io.
Let's walk through setting up a basic application. Note that this is a very basic guide: we will be taking shortcuts here that you should never take in a real application.
To begin we'll set up a Flask app and a LoginManager from Flask-Login.
import flask
import flask_login
app = flask.Flask(__name__)
app.secret_key = "super secret string" # Change this!
login_manager = flask_login.LoginManager()
login_manager.init_app(app)To keep things simple we're going to use a basic User class and a dictionary to
represent a database of users. In a real application, this would be an actual
persistence layer. However, it's important to point out this is a feature of
Flask-Login: it doesn't care how your data is stored so long as you tell it how to
retrieve it!
class User(flask_login.UserMixin):
def __init__(self, email, password):
self.id = email
self.password = password
users = {"leafstorm": User("leafstorm", "secret")}We also need to tell the login manager how to load a user from a request by defining its
user_loader callback. If no user is found it returns None.
@login_manager.user_loader
def user_loader(id):
return users.get(id)Now we're ready to define our views. The login view will populate the session with authentication info. The protected view will only be avialble to authenticated users; visiting it otherwise will show an error. The logout view clearing the session.
@app.get("/login")
def login():
return """<form method=post>
Email: <input name="email"><br>
Password: <input name="password" type=password><br>
<button>Log In</button>
</form>"""
@app.post("/login")
def login():
user = users.get(flask.request.form["email"])
if user is None or user.password != flask.request.form["password"]:
return flask.redirect(flask.url_for("login"))
flask_login.login_user(user)
return flask.redirect(flask.url_for("protected"))
@app.route("/protected")
@flask_login.login_required
def protected():
return flask.render_template_string(
"Logged in as: {{ user.id }}",
user=flask_login.current_user
)
@app.route("/logout")
def logout():
flask_login.logout_user()
return "Logged out"