What is Flask-Login extension?

Flaskframework~5 mins

Flask-Login extension

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Perf

Introduction

Flask-Login helps you manage user login and keep users logged in easily. It handles remembering who is logged in and protecting pages that need login.

You want users to log in to your website and stay logged in while browsing.

You need to protect certain pages so only logged-in users can see them.

You want to easily check if a user is logged in or not in your code.

You want to log users out safely and clear their login info.

You want to remember users between visits with a 'remember me' feature.

Syntax

Flask

from flask_login import LoginManager, login_user, logout_user, login_required, current_user

login_manager = LoginManager()
login_manager.init_app(app)

@login_manager.user_loader
def load_user(user_id):
    return User.query.get(int(user_id))

# To log in a user:
login_user(user)

# To protect a route:
@login_required
def protected_route():
    pass

# To log out a user:
logout_user()

Initialize LoginManager with your Flask app using init_app().

Define a user_loader function to load users by ID from your database.

Examples

Set up the login manager and connect it to your Flask app.

Flask

from flask_login import LoginManager

login_manager = LoginManager()
login_manager.init_app(app)

Tell Flask-Login how to find a user by their ID from your database.

Flask

@login_manager.user_loader
def load_user(user_id):
    return User.query.get(int(user_id))

Flask

from flask_login import login_user

# After verifying user credentials:
login_user(user)

Protect a page so only logged-in users can access it.

Flask

from flask_login import login_required

@app.route('/dashboard')
@login_required
def dashboard():
    return 'Welcome to your dashboard!'

Sample Program

This small Flask app uses Flask-Login to let a user log in by entering a username. It protects the '/protected' page so only logged-in users can see it. Users can also log out.

Flask

from flask import Flask, redirect, url_for, request
from flask_login import LoginManager, UserMixin, login_user, login_required, logout_user, current_user

app = Flask(__name__)
app.secret_key = 'secret-key'

login_manager = LoginManager()
login_manager.init_app(app)

# Simple user class
class User(UserMixin):
    def __init__(self, id):
        self.id = id

# Fake user database
users = {'user1': User('user1')}

@login_manager.user_loader
def load_user(user_id):
    return users.get(user_id)

@app.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'POST':
        username = request.form.get('username')
        if username in users:
            login_user(users[username])
            return redirect(url_for('protected'))
        return 'Invalid username', 401
    return '''<form method="post">
                <input name="username" placeholder="Username">
                <input type="submit" value="Login">
              </form>'''

@app.route('/protected')
@login_required
def protected():
    return f'Logged in as: {current_user.id}'

@app.route('/logout')
@login_required
def logout():
    logout_user()
    return 'Logged out'

if __name__ == '__main__':
    app.run(debug=False)

OutputSuccess

Important Notes

Always set a secret key in your Flask app to keep sessions secure.

Flask-Login requires your user class to have an id attribute and inherit from UserMixin.

Use @login_required to protect routes that need login.

Summary

Flask-Login makes user login management simple and secure.

It helps keep track of logged-in users and protect pages.

Set up requires initializing LoginManager and defining a user loader.