0

每当我在为端点 /auth 使用 @login_requried 后成功登录时,到这里为止流程都很好。如果我再次在浏览器中点击 '/auth',它会将我带到@login_manager.unauthorized_handler下的函数。我能知道为什么吗?

我的应用程序在登录页面上有一个按钮,只有在用户未登录时才应显示此页面。该单个按钮再次被重定向到另一个 oauth 登录(如 google/webex)。我想用 login_required 装饰器保护所有其他页面。每当我在成功登录后重新访问 url 时,就会出现登录页面,这不应该是这种情况。

app = Flask(__name__)
CORS(app)
sess = Session()

app.config.from_envvar("APP_CONFIG_FILE")
app.config['SECRET_KEY'] = "secret"
app.config['SESSION_PERMANENT'] = True
app.config['SESSION_TYPE'] = 'filesystem'
app.config['PERMANENT_SESSION_LIFETIME'] = timedelta(minutes=15)
app.config['USE_SESSION_FOR_NEXT'] = True

login_manager = LoginManager()
# login_manager.login_view = '.main_page'
login_manager.init_app(app)
sess.init_app(app)

@login_manager.unauthorized_handler
def unauthorized_callback():
    # messages = json.dumps({"request_url":request.url})
    session['request_url'] = request.url
    return redirect(url_for('.main_page'))

@login_manager.request_loader
def load_user(request):
    print("QUERY STRING = " ,request.url)
    print(session)
    if 'user' in session:
        print("inside user")
        user = session['user']
        # session['state_url'] = request.url
        print(user.is_authenticated)
        return user
    if "code" in request.args:
        print("inside code")
        # query_string = request.query_string
        auth_code = request.args.get('code')
        user = User(auth_code)

        if auth_code:
            # user.redirectURI = request.url
            user.get_tokens()
            print("access_token is: " ,user._access_token)
            personID, emailID, displayName, orgId = user.get_oauthuser_info()
            session['user'] = user 
            # session['state_url'] = request.url
        login_user(user)
        return user
    return None
@app.route("/") 
def main_page():
    """Main Grant page"""
    # if 'state' in request.args:
    #     return render_template("index.html",state=request.args['state'])
    # if 'next' in request.args:
    #     redirect(request.args.get('next'))
    if 'request_url' in session:
        query = session['request_url'].replace('http://localhost:6006',"http://733e6ad8e711.ngrok.io")
        return render_template("index.html",redirect = urllib.parse.quote(query,encoding='UTF-8',safe=''))
    else:
        return render_template("index.html")

@app.route("/reroute") 
@login_required
def re_route():
    """Main Grant page"""
    return ("landed here xD with session by:" + str(session['user'].personID) + " from Org: "+str(session['user'].orgID))


@app.route("/auth") #Endpoint acting as Redirect URI.
@login_required
def auth():
    return "Auth Page"





if __name__ == '__main__':
    app.run(host="0.0.0.0",port=6006,debug=True)
4

0 回答 0