I created a session with the user email id in the flag (python framework), after the user logged in to my account. Well, his work is wonderful and the session created during verification. URL for it "http://localhost:5000/login". But when the user clicked the button to exit the browser, I found that the session was not working .. (I do not know, although I created the session during login).
My ajax code runs on apache2 server as "http://localhost:80/index.html".
When I cross-check using curl , it works fine. But in the case of the browser, when I click the logout button , a message appears that I found on the terminal (ubuntu) that your session has expired although I created it during login .
Here is the Ajax code for the login part of index.html
$("#btn_login").click(function(){
var txt1 = $("#txt1").val();
var txt3 = $("#txt3").val();
console.log("text: ", txt1, txt3);
var a = {"username": txt1, "password": txt3, "type": "login"};
$.ajax(
{
url: "http://localhost:5000/login",
type: "POST",
headers: {"Content-Type": "application/json"},
data: JSON.stringify(a),
dataType: "json",
success: function(response) {
console.log("Response from Python: ", response);
var output = response.result;
$("#show_msg").html("Mengego says: " + output.message + " " + output.user);
},
error: function(err) {
console.log("error: " + err);
}
}
);
});
Below is the Ajax code for the logout part of index.html
$("#logout").click(function(){
$.ajax(
{
url: "http://localhost:5000/logout",
type: "POST",
headers: {"Content-Type": "application/json"},
success: function(response) {
console.log("Response from Python: ", response);
var output = response.result;
$("#show_msg").html("Output of Logout: " + output.message);
},
error: function(err) {
console.log("error: " + err);
}
}
);
});
Below is the flask code for the login part of "user.py"
@user_api.route("/login", methods=['POST'])
def login():
returning_data = {}
try:
form_params = request.json
username = form_params["username"]
password = form_params["password"]
sql = "SELECT username, password FROM user WHERE username = '" + username + "' AND password = '" + password + "'"
results = obj_connect.executeFetch(sql)
if len(results) == 0:
returning_data = { "message": "You enter incorrect username or password..", "user": []}
else:
sql = "SELECT email FROM user WHERE username = '" + username + "' AND password = '" + password + "'"
results = obj_connect.executeFetch(sql)
session['email'] = results[0][0]
print "session key is ", session['email']
print "session is ", session
session.permanent = True
returning_data = { "message": "Welcome!!!...", "user": username}
except Exception:
print traceback.format_exc()
returning_data = { "message": "Error during Login" }
return jsonify({"result": returning_data})
Below is flask code for logout part of **"user.py"**
@user_api.route("/logout", methods=['POST'])
def logout():
print "ses", session
returning_data = {}
try:
if 'email' in session:
print "your session is alive"
else:
print "your session expired"
session.clear()
if 'email' in session:
print "your session is still alive"
else:
print "your session already expired"
returning_data = { "message": "You are Logout Now...." }
except Exception:
print traceback.format_exc()
returning_data = { "message": "Failure in Logout" }
return jsonify({"result": returning_data})
, logout, (ubuntu), ....
:
your session expired
your session already expired
:
your session is alive
your session already expired
, ..