A
A
AliminVerckon2021-02-07 13:13:06
Flask
AliminVerckon, 2021-02-07 13:13:06

Why doesn't it count authorization?

Authorization

@app.route('/auth' , methods=['GET', 'POST'])
def special():
    if current_user.is_authenticated:
        return redirect(url_for('special_control'))
    form = LoginForm()
    if form.validate_on_submit():
        user = SuperUser.query.filter_by(login=form.username.data).first()
        if user is None or not user.check_password(form.password.data):
            flash('Invalid username or password')
            return redirect(url_for('special'))
        login_user(user, remember=form.remember_me.data)
        return redirect(url_for('special_control'))
    return render_template('/products/login.html', form=form, title='Авторизация')

Redirects where if the user exists
@app.route('/control')
@login_required
def special_control():
    return render_template('/products/control_panel.html', title='Панель управления', )

The form
class LoginForm(FlaskForm):
    username = StringField('Username', validators=[DataRequired()])
    password = PasswordField('Password', validators=[DataRequired()])
    remember_me = BooleanField('Remember Me')
    submit = SubmitField('Sign In')

Sample
<form action="" method="post"  novalidate>
                                {{ form.hidden_tag() }}
                                <p>
                                    <p style="margin-left: 35%;">{{ form.username.label }}</p><br>
                                    <p>{{ form.username(size=32) }}</p><br>
                                    {% for error in form.username.errors %}
                                    <span style="color: #ff0000;">[{{ error }}]</span>
                                    {% endfor %}
                                </p>
                                <p>
                                    <p style="margin-left: 36%;">{{ form.password.label }}</p><br>
                                    <p>{{ form.password(size=32) }}</p><br>
                                    {% for error in form.password.errors %}
                                    <span style="color: #ff0000;">[{{ error }}]</span>
                                    {% endfor %}
                                </p>
                                <p style="margin-left: 27%;">{{ form.remember_me() }} {{ form.remember_me.label }}</p>
                                <p style="margin-left: 37%;">{{ form.submit() }}</p>
                            </form>

the user exists in the database and the password is encoded by werkzeug.

The problem is that during authorization, he does not count it and redirects to the same page without writing an error that the name or password is not correct, and even if there is no user, he does not write any warning. (the latter is done by the flash command)

Answer the question

In order to leave comments, you need to log in

1 answer(s)
W
Wispik, 2021-02-07
@AliminVerckon

That's right, here you have it written, if the user is authorized, then redirect to the same page

if current_user.is_authenticated:
        return redirect(url_for('special'))

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question