我为端点 /auth 加上了 @login_required,首次成功登录时流程一切正常。但如果我在浏览器中再次访问 '/auth',请求就会进入 @login_manager.unauthorized_handler 下的函数。请问这是为什么?
我的应用程序的登录页面上只有一个按钮,此页面只应在用户未登录时显示。点击该按钮会重定向到外部的 OAuth 登录(如 google/webex)。我想用 login_required 装饰器保护所有其他页面。但每当我在成功登录后重新访问该 URL 时,登录页面又会出现,这不符合预期。
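# Application bootstrap: create the Flask app, load configuration, and wire
# up server-side sessions (Flask-Session) and Flask-Login.
app = Flask(__name__)
# NOTE(review): CORS(app) with no arguments applies the flask-cors defaults,
# which allow every origin on every route. Restrict it (for example with the
# `origins=` argument) to the front-end origin(s) that really need
# cross-origin access.
CORS(app)
sess = Session()
app.config.from_envvar("APP_CONFIG_FILE")
# SECRET_KEY is used by Flask and its extensions to sign cookies, so a literal
# in source (previously "secret") lets anyone who can guess or read it forge
# them. It must come from the file named by APP_CONFIG_FILE; start-up already
# fails when that file is missing, and now also fails when the key is absent.
if not app.config.get('SECRET_KEY'):
    raise RuntimeError(
        "SECRET_KEY is not set; define a long random value in the file "
        "named by APP_CONFIG_FILE"
    )
app.config['SESSION_PERMANENT'] = True
# Session data is kept in files on the server; the browser only holds the
# session identifier cookie.
app.config['SESSION_TYPE'] = 'filesystem'
app.config['PERMANENT_SESSION_LIFETIME'] = timedelta(minutes=15)
app.config['USE_SESSION_FOR_NEXT'] = True
login_manager = LoginManager()
# login_manager.login_view = '.main_page'
login_manager.init_app(app)
sess.init_app(app)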
@login_manager.unauthorized_handler
def unauthorized_callback():
    """Record the refused URL in the session and redirect to the landing page.

    Flask-Login calls this handler when a ``login_required`` view is reached
    without an authenticated user.

    Returns:
        A redirect response pointing at the ``main_page`` view.
    """
    # request.url is the complete URL, query string included, and its host
    # part reflects what the client sent. Anything that later consumes
    # session['request_url'] should treat it as untrusted input.
    session['request_url'] = request.url
    landing_url = url_for('.main_page')
    return redirect(landing_url)
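@login_manager.request_loader
def load_user(request):
    """Return the user for this request, or None when nobody is signed in.

    Registered as the Flask-Login request loader. A ``User`` already stored
    in the session is returned as-is. Otherwise, when the query string
    carries a non-empty ``code`` parameter, a ``User`` is built from it, its
    tokens and profile are fetched, and it is saved to the session and passed
    to ``login_user``.

    Args:
        request: The incoming request supplied by Flask-Login; it shadows the
            module-level ``request`` inside this function.

    Returns:
        The ``User`` for this request, or ``None`` if there is neither a
        stored user nor an authorization code.
    """
    # Log the path only. The full URL can carry the one-time authorization
    # code, and the session and User object hold the access token, so none of
    # those are written to stdout or to logs any more.
    app.logger.debug("load_user called for %s", request.path)

    if 'user' in session:
        return session['user']

    auth_code = request.args.get('code')
    if not auth_code:
        return None

    # NOTE(review): nothing here compares a `state` value with one issued
    # before the OAuth redirect, so any request carrying a `code` parameter is
    # exchanged. Add that comparison before calling get_tokens().
    user = User(auth_code)
    user.get_tokens()
    # The return value is not needed here; presumably this call also fills in
    # the personID/orgID attributes that re_route reads -- confirm in User.
    user.get_oauthuser_info()
    # NOTE(review): the whole User object, access token included, is written
    # to the server-side session store. Keep that store readable only by the
    # application account, or store just an identifier.
    session['user'] = user
    # NOTE(review): calling login_user() from inside a request loader is
    # unusual; no user_loader is visible in this file, so later requests rely
    # on the session['user'] branch above -- confirm that is intended.
    login_user(user)
    return user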
@app.route("/")
def main_page():
    """Render the landing page, passing on the URL that required login.

    When the session holds ``request_url`` (set by the unauthorized handler),
    the page receives it as the ``redirect`` template variable after the
    local origin is swapped for the tunnel origin and the result is
    percent-encoded. Otherwise the page is rendered without that variable.

    Returns:
        The rendered ``index.html`` template.
    """
    if 'request_url' not in session:
        return render_template("index.html")

    # NOTE(review): both origins are hard-coded; the tunnel host changes per
    # session, so this belongs in configuration.
    public_url = session['request_url'].replace('http://localhost:6006',"http://733e6ad8e711.ngrok.io")
    # safe='' percent-encodes every reserved character, '/' included.
    encoded_url = urllib.parse.quote(public_url, encoding='UTF-8', safe='')
    # NOTE(review): the value derives from request.url, which the client
    # influences. How index.html uses `redirect` is not visible here; it
    # should be checked against an allow-list before anything redirects to it.
    return render_template("index.html", redirect=encoded_url)
@app.route("/reroute")
@login_required
def re_route():
    """Return a one-line message naming the signed-in user and organisation.

    Reads ``personID`` and ``orgID`` from the ``User`` stored in the session.

    Returns:
        The message as a plain string.
    """
    signed_in = session['user']
    # NOTE(review): Flask serves a returned str as HTML by default and these
    # values are inserted unescaped; presumably they come from the OAuth
    # provider's profile -- confirm, and escape them if they can hold markup.
    pieces = [
        "landed here xD with session by:",
        str(signed_in.personID),
        " from Org: ",
        str(signed_in.orgID),
    ]
    return "".join(pieces)
@app.route("/auth") #Endpoint acting as Redirect URI.
@login_required
def auth():
    """Serve the placeholder page shown at the OAuth redirect URI.

    The view is guarded by ``login_required``, so it is only reached once
    Flask-Login has resolved a user for the request.

    Returns:
        The fixed page text.
    """
    page_text = "Auth Page"
    return page_text
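if __name__ == '__main__':
    # debug=True enables the Werkzeug interactive debugger, an in-browser
    # console that executes Python in this process. The original combined it
    # with host="0.0.0.0", exposing it on every network interface. Debug mode
    # is now opt-in through the DEBUG setting in the file named by
    # APP_CONFIG_FILE, and the server binds to loopback only while it is on.
    # NOTE(review): main_page rewrites URLs to a public tunnel origin, which
    # suggests this port is also reachable from outside; keep DEBUG off
    # whenever such a tunnel is running.
    debug_enabled = bool(app.config.get("DEBUG", False))
    bind_host = "127.0.0.1" if debug_enabled else "0.0.0.0"
    app.run(host=bind_host, port=6006, debug=debug_enabled)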