i am using flask-login to integrate session management in my flask app. But the remember me functionality doesn't work if i set the session_protection to strong, however, it works absolutely fine if it's set to basic.
user_loader:
@login_manager.user_loader
def load_user(email):
user = get_user_with_email(email)
if user:
return User(user.id, user.email, user.role_id, user.createtime, user.updatetime)
to fetch user from the database:
from psycopg2.extras import NamedTupleCursor
def get_user_with_email(email):
cursor = get_db().cursor(cursor_factory=NamedTupleCursor)
cursor.execute('SELECT * FROM users WHERE email = %s', (email,))
return cursor.fetchone()
and my user class:
class User(UserMixin):
def __init__(self, username, email, role_id, createtime, updatetime):
self.username = username
self.email = email
self.role_id = role_id
self.createtime = createtime
self.updatetime = updatetime
@property
def password(self):
raise AttributeError('password is not a readable property')
@password.setter
def password(self, password):
self._password = generate_password_hash(password)
def verify_password(self, password):
return check_password_hash(self._password, password)
@property
def is_active(self):
"""All users are active"""
return True
@property
def is_anonymous(self):
"""Always return False, anonymous users aren't supported"""
return False
def get_id(self):
"""Return username for flask_login to use it as user id"""
return self.email
@property
def is_authenticated(self):
"""All users are authenticated"""
return True
def register(self, password):
self.password = password
# Todo: complete the registration logic
def __repr__(self):
return 'User(username={0}, email={1})'.format(self.username, self.email)
I am doing exactly what is mentioned in the documentation, but still the user logs out when the browser closes in case of strong protection. i am not sure what's going wrong.
I would appreciate any help, thanks !