I'm using flask-login and this problem occur.
The log-in function run as following:
@api.route('/login', methods=['POST'])
def login():
if current_user.is_authenticated():
return jsonify(flag='success')
username = request.form.get('username')
password = request.form.get('password')
if username and password:
user, authenticated = fsUser.authenticate(username, password)
if user and authenticated:
if login_user(user, remember='y'):
print 'is authenticated: ',current_user.is_authenticated()
return jsonify(flag='success')
current_app.logger.debug('login(api) failed, username: %s.' % username)
return jsonify(flag='fail', msg='Sorry, try again.')
The code is working just fine. It run normally even toward the return flag='success'. I have checked and see there's session it create. All work well except that the current_user is still anonymous. So the current_user.is_authenticated() still return fail.
And I got no clue where to check, can anyone help me?
P.S. the user object is gotten from SQL database by SQLAlchemy. If it's maybe the source of problem I can provide the model.py after a bit modification too.
Edit: My user callback definition:
@login_manager.user_loader
def load_user(id):
user = cache.get(id)
if not user:
user = User.get_by_id(id)
cache.set(id, user, 20*60)
return user
I've print out to check, the user return above is corrent, it's just the current_user still anonymous object as default
The User class:
class User(db.Model, UserMixin):
__tablename__ = 'my_users'
id = Column('user_id', db.Integer, primary_key=True)
level = Column('user_level', db.Integer, nullable=False)
name = Column('user_name', db.String(255))
email = Column('user_email', db.String(255), nullable=False, unique=True)
# ===============================================================
# Users
# ================================================================
# Password
_password = Column('user_password', db.String, nullable=False)
def _get_password(self):
return self._password
def _set_password(self, password):
self._password = generate_password_hash(password)
# Hide password encryption by exposing password field only.
password = db.synonym('_password',
descriptor=property(_get_password,
_set_password))
def check_password(self, password):
if self.password is None:
return False
return check_password_hash(self.password, password)
def is_authenticated(self):
return True
def is_active(self):
return True
def is_anonymous(self):
return False
def get_id(self):
return unicode(self.id)
def find_user(self):
return unicode('[email protected]')