0
0
Flaskframework~20 mins

Why authentication matters in Flask - Challenge Your Understanding

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Challenge - 5 Problems
🎖️
Authentication Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
1:30remaining
Why is authentication important in a Flask web app?

Imagine you have a Flask app where users can see their personal data. Why do you need authentication?

ATo change the app's color scheme
BTo allow anyone to edit all users' data
CTo make the app load faster
DTo make sure only the right user can see their own data
Attempts:
2 left
💡 Hint

Think about privacy and safety of user information.

component_behavior
intermediate
1:30remaining
What happens if a Flask route lacks authentication?

Consider a Flask route that shows user profile info but has no authentication check. What is the likely result?

AAnyone can access any user's profile data
BOnly logged-in users can see their profiles
CThe app crashes with an error
DThe profile page shows a loading spinner forever
Attempts:
2 left
💡 Hint

Think about what happens if no one checks who is visiting the page.

state_output
advanced
2:00remaining
What is the output of this Flask login check code?

Given this Flask snippet, what will be printed if a user is not logged in?

Flask
from flask import Flask, session
app = Flask(__name__)
app.secret_key = 'secret'

@app.route('/dashboard')
def dashboard():
    if 'user_id' in session:
        return 'Welcome user!'
    else:
        return 'Please log in first.'

# Assume session is empty (no user_id)
AKeyError: 'user_id'
B500 Internal Server Error
CPlease log in first.
DWelcome user!
Attempts:
2 left
💡 Hint

Check what happens when 'user_id' is missing in session.

📝 Syntax
advanced
2:00remaining
Which Flask code snippet correctly protects a route with login required?

Choose the code that correctly uses Flask-Login to protect a route so only logged-in users can access it.

A
@app.route('/profile')
def profile():
    if current_user.is_authenticated:
        return 'User Profile'
    else:
        return 'Access Denied'
B
@app.route('/profile')
@login_required
def profile():
    return 'User Profile'
C
@app.route('/profile')
@requires_login
def profile():
    return 'User Profile'
D
@app.route('/profile')
def profile():
    if user.is_logged_in:
        return 'User Profile'
    else:
        return 'Access Denied'
Attempts:
2 left
💡 Hint

Flask-Login provides a decorator named login_required.

🔧 Debug
expert
2:30remaining
Why does this Flask login code raise an error?

Examine the code below. Why does it raise a RuntimeError: Working outside of request context?

Flask
from flask import Flask, session
app = Flask(__name__)
app.secret_key = 'secret'

user_id = session.get('user_id')

@app.route('/')
def home():
    return f'User ID is {user_id}'
ABecause session is accessed outside a request, before any client request happens
BBecause Flask app is not run with debug=True
CBecause the route function is missing a return statement
DBecause secret_key is missing
Attempts:
2 left
💡 Hint

Think about when Flask allows access to session.