Skip to content

Instantly share code, notes, and snippets.

Last active May 21, 2024 06:25
Show Gist options
  • Save bkdinoop/6698956 to your computer and use it in GitHub Desktop.
Save bkdinoop/6698956 to your computer and use it in GitHub Desktop.
Flask-Login : created by : Matthew Frazier
# -*- coding: utf-8 -*-
Flask-Login example
This is a small application that provides a trivial demonstration of
Flask-Login, including remember me functionality.
:copyright: (C) 2011 by Matthew Frazier.
:license: MIT/X11, see LICENSE for more details.
from flask import Flask, request, render_template, redirect, url_for, flash
from flask.ext.login import (LoginManager, current_user, login_required,
login_user, logout_user, UserMixin, AnonymousUser,
confirm_login, fresh_login_required)
class User(UserMixin):
def __init__(self, name, id, active=True): = name = id = active
def is_active(self):
class Anonymous(AnonymousUser):
name = u"Anonymous"
1: User(u"Notch", 1),
2: User(u"Steve", 2),
3: User(u"Creeper", 3, False),
USER_NAMES = dict((, u) for u in USERS.itervalues())
app = Flask(__name__)
SECRET_KEY = "yeah, not actually a secret"
DEBUG = True
login_manager = LoginManager()
login_manager.anonymous_user = Anonymous
login_manager.login_view = "login"
login_manager.login_message = u"Please log in to access this page."
login_manager.refresh_view = "reauth"
def load_user(id):
return USERS.get(int(id))
def index():
return render_template("index.html")
def secret():
return render_template("secret.html")
@app.route("/login", methods=["GET", "POST"])
def login():
if request.method == "POST" and "username" in request.form:
username = request.form["username"]
if username in USER_NAMES:
remember = request.form.get("remember", "no") == "yes"
if login_user(USER_NAMES[username], remember=remember):
flash("Logged in!")
return redirect(request.args.get("next") or url_for("index"))
flash("Sorry, but you could not log in.")
flash(u"Invalid username.")
return render_template("login.html")
@app.route("/reauth", methods=["GET", "POST"])
def reauth():
if request.method == "POST":
return redirect(request.args.get("next") or url_for("index"))
return render_template("reauth.html")
def logout():
flash("Logged out.")
return redirect(url_for("index"))
if __name__ == "__main__":
Copy link

ajaykgp commented Dec 2, 2013

this example doesn't work. Throws ImportError: cannot import name LoginManager.

Copy link

@ajaykgp :

from flaskext.login import should be from flask.ext.login import.....

Then it will work !!

Copy link

sjzabel commented Jan 6, 2014

Thank you, This totally helped me out. I appreciate it.

Copy link

@ajaykgp Sorry for the Typo Error

Copy link

lashex commented Jan 17, 2014

I have been trying to figure out when and where to override is_authenticated() from the UserMixin. Anytime I try to override it and use an in-object property I always end up with a User that has an authenticated property value of False in subsequent uses, even when I set it to True. Is there something I need to do to ensure the session remembers the user object I am updating?

Here is the User object:

class User(UserMixin):
    def __init__(self, username='', email='',
                 uid=None, standing='good', active=False,
                 confirmed_at=dt.MAXYEAR, created=None):
        super(User, self).__init__()
        self.username = str(username) = email = active
        self._authenticated = False

    def is_active(self):

    def set_authenticated(self, value):
        if value:
            self._authenticated = True

    def is_authenticated(self):
        return self._authenticated

...and then in a pared down snippet of code, here's where I set the authenticated property to True

@app.route('/v1/user/login', methods=['POST', 'OPTIONS'])
def login():
    u = json.loads(
    user = datastore.get_user(u['username'])

    if user.check_password(u['password']):
        user.set_authenticated(True) # <<< here is where the value should become True
        if login_user(user, remember=remember):
            return make_response(jsonify(username=u['username'],
                                                 message='Login successful'), 200)

Copy link

jamespo commented Feb 5, 2014

Shouldn't AnonymousUser be AnonymousUserMixin ?

Copy link

Sorry I'm new to flask... how do I install flask.ext.login ?
My OS is ubuntu... flask itself is working. but not this one. thanks.

sudo easy_install flask.ext.login

Searching for flask.ext.login
Couldn't find index page for 'flask.ext.login' (maybe misspelled?)
Scanning index of all packages (this may take a while)

Copy link

raphonic commented Apr 4, 2014

@victorfang If you haven't got it installed yet, try 'sudo easy_install Flask-Login'

Copy link

l-r commented Jun 9, 2014

They changed the AnonymousUser name to AnonymousUserMixin, see pallets-eco/flask-security-3.0#119

Copy link

Hi! Thanks for this! Anyone know where I can find the corresponding .html files etc? Is this part of a full package somewhere else?

Copy link

Thanks for this! I was seriously struggling with the User class as almost every tutorial forces you to use sqlalchemy for the database. The way you did it made so much more sense.

Copy link

visualos commented Apr 8, 2024

Here's actual code (April 2024). You just need to add simple index.html, secret.html ,etc

# -*- coding: utf-8 -*-
Flask-Login example
This is a small application that provides a trivial demonstration of
Flask-Login, including remember me functionality.

:copyright: (C) 2011 by Matthew Frazier.
:license:   MIT/X11, see LICENSE for more details.
from flask import Flask, request, render_template, redirect, url_for, flash
from flask_login import (LoginManager, current_user, login_required,
                         login_user, logout_user, UserMixin,
                         confirm_login, fresh_login_required)

class User(UserMixin):
    def __init__(self, name, id1, active=True): = name = id1 = active

    def is_active(self):

class AnonymousUser(UserMixin):
    name = "Anonymous"
    id = None
    active = False

class Anonymous(AnonymousUser):
    name = "Anonymous"

    1: User("Notch", 1),
    2: User("Steve", 2),
    3: User("Creeper", 3, False),

USER_NAMES = { u for u in USERS.values()}  # Uwaga: metoda .itervalues() jest przestarzała w Python 3.x

app = Flask(__name__)

SECRET_KEY = "yeah, not actually a secret"
DEBUG = True


login_manager = LoginManager()

login_manager.anonymous_user = Anonymous
login_manager.login_view = "login"
login_manager.login_message = "Please log in to access this page."
login_manager.refresh_view = "reauth"

def load_user(user_id):
    return USERS.get(int(user_id))

def index():
    return render_template("index.html")

def secret():
    return render_template("secret.html")

@app.route("/login", methods=["GET", "POST"])
def login():
    if request.method == "POST" and "username" in request.form:
        username = request.form["username"]
        if username in USER_NAMES:
            remember = request.form.get("remember", "no") == "yes"
            if login_user(USER_NAMES[username], remember=remember):
                flash("Logged in!")
                return redirect(request.args.get("next") or url_for("index"))
                flash("Sorry, but you could not log in.")
            flash("Invalid username.")
    return render_template("login.html")

@app.route("/reauth", methods=["GET", "POST"])
def reauth():
    if request.method == "POST":
        return redirect(request.args.get("next") or url_for("index"))
    return render_template("reauth.html")

def logout():
    flash("Logged out.")
    return redirect(url_for("index"))

if __name__ == "__main__":

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment