Flask 何时存储用户的身份验证?
When does Flask store the user's authentication?
我创建了这个表格:
<html>
<body>
<div>
<form action="{{ url_for('login') }}" method="POST">
<div class="row">
<div>
<input id="email" name="email" type="email" class="validate">
<label for="email">Email</label>
</div>
</div>
<div class="row">
<div>
<input id="password" type="password" name="password" class="validate">
<label for="password">Password</label>
</div>
</div>
<button type="submit" id="login" >Login</button>
<br>
</form>
<div>
</body>
</html>
我有这个使用 HTTPBasicAuth 进行身份验证的 Flask 应用程序。
#!flask/bin/python
from flask import Flask, jsonify, abort, request, make_response, url_for
from flask import render_template
from flask_httpauth import HTTPBasicAuth
#Needs: pip install flask-httpauth
app = Flask(__name__)
auth = HTTPBasicAuth()
@app.route('/', methods=['GET','POST'])
@auth.login_required
def login():
print('in login')
print(request.values.get('email'), request.values.get('password'))
templateToReturn = 'login.html'
if request.method == 'POST':
print('in post')
username = request.values.get('email')
password = request.values.get('password')
if verify_password(username, password):
print('password verified')
templateToReturn = 'index.html'
print('Curr user', auth.current_user())
print('request: ', request.method)
if request.method == 'GET' and auth.current_user():
templateToReturn = 'index.html'
return render_template(templateToReturn)
@app.route('/logout')
def logout():
return render_template('logout.html')
@auth.verify_password
def verify_password(email, password):
print('in verify pwd')
return verifyAuthentication(email, password)
def verifyAuthentication(email, password):
knownUsers = {'p1@gmail.com': 'pass',
'p2@yahoo.com': 'pass'}
authenticated = False
if email in knownUsers:
if knownUsers[email] == password:
authenticated = True
return authenticated
当我单击表单的 submit 按钮时,我将转到 login() 函数。但是,难道不应该有某种方法可以将它转到 verify_password() 函数,因为它装饰有 @auth.verify_password 吗?
用户身份验证是如何在代码的哪一部分中注册到 Flask 的?我的意思是:@auth.login_required 装饰器什么时候允许执行相应的装饰函数?
甚至 HTTPBasicAuth() 的官方页面也没有用 HTML 示例来解释这一点。有人可以通过添加到我的代码中来解释一下吗?
您忘记在 HTML 输入标签中添加名称属性,因此理想情况下应该是 -
<input id="email" name="email" type="email" class="validate" />
<input id="password" name="password" type="password" class="validate" />
我创建了这个表格:
<html>
<body>
<div>
<form action="{{ url_for('login') }}" method="POST">
<div class="row">
<div>
<input id="email" name="email" type="email" class="validate">
<label for="email">Email</label>
</div>
</div>
<div class="row">
<div>
<input id="password" type="password" name="password" class="validate">
<label for="password">Password</label>
</div>
</div>
<button type="submit" id="login" >Login</button>
<br>
</form>
<div>
</body>
</html>
我有这个使用 HTTPBasicAuth 进行身份验证的 Flask 应用程序。
#!flask/bin/python
from flask import Flask, jsonify, abort, request, make_response, url_for
from flask import render_template
from flask_httpauth import HTTPBasicAuth
#Needs: pip install flask-httpauth
app = Flask(__name__)
auth = HTTPBasicAuth()
@app.route('/', methods=['GET','POST'])
@auth.login_required
def login():
print('in login')
print(request.values.get('email'), request.values.get('password'))
templateToReturn = 'login.html'
if request.method == 'POST':
print('in post')
username = request.values.get('email')
password = request.values.get('password')
if verify_password(username, password):
print('password verified')
templateToReturn = 'index.html'
print('Curr user', auth.current_user())
print('request: ', request.method)
if request.method == 'GET' and auth.current_user():
templateToReturn = 'index.html'
return render_template(templateToReturn)
@app.route('/logout')
def logout():
return render_template('logout.html')
@auth.verify_password
def verify_password(email, password):
print('in verify pwd')
return verifyAuthentication(email, password)
def verifyAuthentication(email, password):
knownUsers = {'p1@gmail.com': 'pass',
'p2@yahoo.com': 'pass'}
authenticated = False
if email in knownUsers:
if knownUsers[email] == password:
authenticated = True
return authenticated
当我单击表单的 submit 按钮时,我将转到 login() 函数。但是,难道不应该有某种方法可以将它转到 verify_password() 函数,因为它装饰有 @auth.verify_password 吗?
用户身份验证是如何在代码的哪一部分中注册到 Flask 的?我的意思是:@auth.login_required 装饰器什么时候允许执行相应的装饰函数?
甚至 HTTPBasicAuth() 的官方页面也没有用 HTML 示例来解释这一点。有人可以通过添加到我的代码中来解释一下吗?
您忘记在 HTML 输入标签中添加名称属性,因此理想情况下应该是 -
<input id="email" name="email" type="email" class="validate" />
<input id="password" name="password" type="password" class="validate" />