1、用户认证模块 | Flask-Login
1.1 准备用于登陆的用户模型
模型继承UserMixin
1 from app import db 2 from werkzeug.security import generate_password_hash,check_password_hash 3 from flask_login import UserMixin 4 from . import login_manger 5 6 @login_manger.user_loader 7 def load_user(user_id): 8 return User.query.get(int(user_id)) 9 10 class Role(db.Model): 11 __tablename__ = 'roles' 12 id = db.Column(db.Integer,primary_key=True) 13 name = db.Column(db.String(64),unique=True) 14 users = db.relationship('User',backref='role') 15 def __repr__(self): 16 return '<Role %r>'%self.name 17 18 class User(UserMixin,db.Model): 19 __tablename__ = 'users' 20 id = db.Column(db.Integer,primary_key=True) 21 username = db.Column(db.String(64),unique=True,index=True) 22 password_hash = db.Column(db.String(128)) 23 role_id = db.Column(db.Integer, db.ForeignKey('roles.id')) 24 email = db.Column(db.String(128)) 25 26 @property 27 def password(self): 28 raise AttributeError('密码不可读') 29 30 @password.setter 31 def password(self,password): 32 self.password_hash = generate_password_hash(password) 33 34 def verify_password(self,password): 35 return check_password_hash(self.password_hash,password) 36 37 def __repr__(self): 38 return '<Role %r>'%self.username
初始化登陆
1 from flask import Flask,render_template 2 from flask_sqlalchemy import SQLAlchemy 3 from config import Config 4 from flask_login import LoginManager 5 6 db = SQLAlchemy() 7 login_manger = LoginManager() 8 login_manger.session_protection = 'strong' 9 login_manger.login_view = 'auth.login' 10 11 def create_app(): 12 app = Flask(__name__) 13 app.config.from_object(Config) 14 Config.init_app(app) 15 db.init_app(app) 16 login_manger.init_app(app) 17 from .main import main as main_blueprint 18 app.register_blueprint(main_blueprint) 19 from .auth import auth as auth_blueprint 20 app.register_blueprint(auth_blueprint,url_prefix='/auth') 21 return app
1.2 保护路由
@login_required
1 from datetime import datetime 2 from flask import render_template,session,redirect,url_for 3 from . import main 4 from .forms import NameForm 5 from .. import db 6 from .. import models 7 from flask_login import login_required 8 9 10 @main.route('/',methods=['GET','POST']) 11 @login_required 12 def index(): 13 form = NameForm() 14 if form.validate_on_submit(): 15 session['name'] = form.name.data 16 session['ip'] = form.ip.data 17 form.name.data='' 18 form.ip.data='' 19 return redirect(url_for('.index')) 20 return render_template('index.html',form=form,name=session.get('name'),ip=session.get('ip'))
1.3 登陆页面
在前端可以使用current_user对象
1 {% extends 'base.html' %} 2 {% block head %}{{ super() }}{% endblock %} 3 {% block title %}登陆{% endblock %} 4 {% block body %} 5 <h1> 6 7 </h1> 8 {% if current_user.is_authenticated %} 9 <h1>欢迎{{ current_user.username }}</h1> 10 <p><a href="{{ url_for('auth.logout') }}">登出</a></p> 11 {% else %} 12 <h1>登录页面</h1> 13 <form method="post" action=""> 14 {{ form.hidden_tag() }} 15 <p>{{ form.email.label }}{{ form.email }}</p> 16 <p>{{ form.password.label }}{{ form.password }}</p> 17 <p>{{ form.sumbit }}</p> 18 <p>{{ form.remember_me.label }}{{ form.remember_me }}</p> 19 </form> 20 <p><a href="{{ url_for('auth.register') }}">注册</a></p> 21 {% endif %} 22 {% endblock %}
1.4 登入登出注册用户
login_user('用户模型对象','True/False')
logout_user()
1 from flask import render_template,redirect,request,url_for,flash 2 from flask_login import login_user,login_required,logout_user 3 from . import auth 4 from ..models import User,db 5 from .forms import LoginForm,RegistrationForm 6 7 @auth.route('/login',methods=['GET','POST']) 8 def login(): 9 form = LoginForm() 10 user = User.query.filter_by(email=form.email.data).first() 11 if user is not None and user.verify_password(form.password.data): 12 login_user(user,form.remember_me.data) 13 return redirect(url_for('main.index')) 14 return render_template('auth/login.html',form=form) 15 16 @auth.route('/logout') 17 @login_required 18 def logout(): 19 logout_user() 20 flash('你已经登出了') 21 return redirect(url_for('main.index')) 22 23 24 @auth.route('/register',methods=['GET','POST']) 25 def register(): 26 form = RegistrationForm() 27 if form.validate_on_submit(): 28 user = User(email=form.email.data,username=form.username.data,password=form.password1.data) 29 db.session.add(user) 30 db.session.commit() 31 return redirect(url_for('auth.login')) 32 return render_template('auth/register.html',form=form)
2、用户角色权限 |