Skip to content

Instantly share code, notes, and snippets.

@maxcountryman

maxcountryman/README.md

Last active August 29, 2015 14:27
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save maxcountryman/f97446ab24d8d9894be7 to your computer and use it in GitHub Desktop.
Save maxcountryman/f97446ab24d8d9894be7 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
README.md

Flask-Login Demo

Setup

$ pip install flask
$ pip install flask-login

Run

$ python app.py

Test via curl

$ curl localhost:5000/protected -H 'Authorization: foo@bar.tld:secret'
Raw
flask-login-demo.py
'''
A very simple demonstration of Flask-Login.
'''
import flask
import flask.ext.login as flask_login
# Flask application object.
app = flask.Flask(__name__)
# Mock database.
db = {'foo@bar.tld': ('Foo Bar', 'secret')}
# Flask Login specifics.
login_manager = flask_login.LoginManager()
login_manager.init_app(app)
class User(flask_login.UserMixin):
def __init__(self, username, password):
self.id = username
self.password = password
@classmethod
def get(cls, email):
return cls(*db.get(email))
@login_manager.request_loader
def request_loader(request):
token = request.headers.get('Authorization')
if token is None:
return
email, password = token.split(':')
user = User.get(email)
if user.password == password: # N.B. timing attack possible!
return user
# Views.
@app.route('/')
def public():
return flask.jsonify({'okay': True})
@app.route('/protected')
@flask_login.login_required
def protected():
return flask.jsonify({'name': flask_login.current_user.id})
if __name__ == '__main__':
app.config['SECRET_KEY'] = 'hunter2'
app.run(debug=True)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment