This flask app is properly prompting for username and password- but according to the log files, returning the route /NONE despite that issue, the session seems to be valid and other @login_required routes can be accessed. Any ideas as to what is going on would be appreciated.
Login Template: login.html
{% extends "bootstrap/base.html" %}
{% block content %}
<div class="container">
<div class="row">
<form class="form-signin" action="/logmein" method="POST">
<h2 class="form-signin-heading"> PCBevo Login</h2>
<div class="col-2">
<label for="username" class="sr-only">Username</label>
<input type="text" id="username" class="form-control" placeholder="username" name="username" required autofocus>
</div>
<div class="col-3">
<label for="inputPassword" class="sr-only">Password</label>
<input type="password" id="inputPassword" class="form-control" placeholder="password" name="password" required>
</div>
<div class="col-4">
<button class="btn btn-lg btn-primary btn-block" type="submit" value="Submit">Sign in</button>
</div>
</form>
</div>
</div> <!-- /container -->
{% endblock %}
Below is the SQLAlchemy User Model:
class User(UserMixin, db.Model):
__tablename__ = "users"
id = db.Column(db.Integer, primary_key=True)
username = db.Column(db.String(254), unique=True)
email = db.Column(db.String(50), unique=True)
password = db.Column(db.String(80))
groups = db.Column(db.String(80))
def __init__(self, username, email, password, groups):
self.username = username
self.email = email
self.password = password
self.groups = groups if isinstance(groups, str) else ','.join(groups)
def __repr__(self):
clsname = self.__class__.__name__
return "{}({}) ".format(clsname, self.username)
def is_developer(self):
return isinstance(self.groups, str) and 'dev' in self.groups.split(',')
Selected attributes for app setup of login_manager and problem routes:
login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = 'login'
@login_manager.user_loader
def load_user(user_id):
return User.query.get(int(user_id))
@app.route('/login')
def login():
session['next'] = request.args.get('next')
return render_template('login.html')
@app.route('/logmein', methods=['POST'])
def logmein():
username = request.form['username']
password = request.form['password']
user = User.query.filter_by(username=username).first()
if not user:
return '<h1>User not found!</h1>'
stored_password = user.password
if check_password_hash(stored_password, password):
login_user(user)
try:
return redirect(session['next'])
except KeyError:
return '<h1>You are now logged in!</h1>'
else:
return '<h1>Wrong password!</h1>'
session['next']
beforereturn redirect(session['next'])
. It can be empty. Especially if you will run/login
instead of/login?next=some_url
– furas