我正在使用React with Flask和flask-login。我有一个登录路由,成功登录前端的用户。但是,只要我导航到新页面,这会导致进行新的API调用,否则将返回401.我在Firefox Web控制台中的Cookies或会话存储中看不到任何内容。
@flask_app.route('/<api_version>/login', methods=['POST'])
def login(api_version):
print(f'login', request.form )
username = request.form['username']
password = request.form['password']
response = None
try:
user = server.loginUser(username, password)
flask_login.login_user(user, remember=True)
except Exception as e:
errMsg = f'Error Logging in user {username}'
status = e.status if hasattr(e, 'status') else 500
print(f'{errMsg}')
traceback.print_exc()
return Response(
'{{"message": "{0}", "status": {1} }}'.format(
errMsg, status), status=status, mimetype='application/json')
resp_obj = json.dumps({"username": user.username, "role": user.role})
resp = Response(resp_obj, status=200, mimetype='application/json')
resp.headers['Content-Type'] = 'application/json'
return resp
@flask_app.route("/<api_version>/simulation-runs", methods=['GET'])
@flask_login.login_required
def get_simulation_runs(api_version):
...
server.朋友
from models import account # DB
def loginUser(username, password):
print(f'loginUser {username}')
user_db = account.get_account(username)
print(f'User returned from DB: {user_db}')
errMsg = 'Invalid username or password. Please try again.'
if not len(user_db) or (not 'password' in user_db):
e1 = Unauthorized(errMsg)
e1.status = 401
raise e1
#if request.form['password'] == users[username]['password']:
#if password == user['password']:
if bcrypt.check_password_hash(user_db['password'], password):
user = User()
user.id = username
user.username = username
user.role = user_db['role']
print(f'loginUser returning {vars(user)} is_active: ${user.is_active} is_authenticated: ${user.is_authenticated}')
return user
else:
e1 = Unauthorized(errMsg)
e1.status = 401
raise e1
user.朋友
class User(flask_login.UserMixin):
pass
您没有记录用户并在服务器上创建会话。
flask_login.login_user(user)需要在那里让服务器了解登录成功。
您还应该通过添加session ['logged_in'] = True来创建新会话
建议使用定义良好的用户类