Login_required decorator does not work, the checkbox allows anonymous users

Question

Login_required decorator does not work, the checkbox allows anonymous users

I graced the login_required method, but I am surprised that it does not execute at all, allowing anonymous users. Printing current_user inside the method returns this:

 <flask_login.AnonymousUserMixin object at 0xb67dbd4c>

Are you supposed to reject users who return false in user.is_autheticated() ? What have I done wrong?

I have setup FL this way:

 lm = LoginManager(app) lm.login_view = 'root'

in views.py:

 @lm.user_loader def load_user(id): return User.query.get(int(id))

actual view:

 @login_required @app.route("/messages") def messages(): print "current user", current_user return "hello world"

+7

python flask

aitchnyu Aug 13 '14 at 14:24

source share

2 answers

Everything looks fine, which probably means the problem is somewhere else.

What configuration are you using? If LOGIN_DISABLED or TESTING set to true, authentication is disabled.

If your configuration is ok, set a breakpoint inside login_required decorator and check why it allows an anonymous user.

+6

Bartosz marcinkowski Aug 13 '14 at 14:33

source share

aitchnyu · Accepted Answer · 2014-08-14T11:53:22+0000

Serendipity gave me this :

When using additional decorators, always remember that the route () decorator is the most external:

I wrote this incorrectly (the route is not the most external).

The PDB may execute your suspicious method in debug mode to check the local state.

Flask-Login is present on GitHub anyway, and the login_required source is easy enough to understand.

Login_required decorator does not work, the checkbox allows anonymous users

More articles: