python - Flask-Login. Where do I store users for the user_loader function to find them? -
according flask's documentation:
user_loader(callback): sets callback reloading user session. function set should take user id (a unicode) , return user object, or none if user not exist.
from funciton supposed load user object? user data stored in session, isn't user object, json blob of info user. without storing user objects in global dictionary or something, have no idea how function supposed take user_id , return associate user except creating new user id, , mapping previous data it.
i should mention not using database (and if same problem present itself--databases can't store user objects, store data users) because using authentication credentials stored in ldap server.
here code:
class user(object): def __init__(self, user_id, password, active=true, authenticated=false, anonymous=false): self.user_id = user_id.upper() self.password = password self.active = active self.authenticated = authenticated self.anonymous = anonymous def is_active(self): return self.active def is_anonymous(self): return self.anonymous def is_active(self): return self.active def is_authenticated(self): return self.authenticated def get_id(self): return self.user_id and view function:
@mod.route('/login', methods=['get', 'post']) def login(): form = loginform(request.form) if request.method == 'post' , form.validate(): user_id = form.user_id.data password = form.password.data user = user(user_id=user_id, password=password) conn = get_ldap_connection(user.user_id, user.password) if conn: login_user(user) user.authenticated = true next = request.args.get('next') if next: print("next: ", next) return flask.abort(400) return redirect('/mmt') return render_template('auth/login.html', form=form) every example can find of implementation user_loader function makes use of sqlalchemy.session.add(user) mentioned i'm not storing users in database... exist in different database.
you don't store user in session, store unique value identify user. use id load user. in case of database, store primary key of user, query key. can exact same thing ldap: store unique value in session, load ldap based on value.
the user has object inherits flask_login.usermixin (or implements does, example code doesn't, _is attributes should properties). you'd load record ldap , pass data user class create user.
in login view, create user object based on record load ldap, , call login_user(user) it. flask-login calls user object's get_id method store unique value in login cookie. on subsequent requests, flask-login calls user_loader load user based on value in cookie; function perform ldap query , create user, similar login view. user object return user_loader stored in current_user duration of request.
Comments
Post a Comment