Flask 未授权回调(unauthorized_handler)

时间:2020-07-12 15:26:39

标签: flask flask-login flask-session

我用 @login_required 保护了端点 /auth。登录成功后进入该端点时,流程是正常的。但如果我在浏览器中再次访问 "/auth",请求就会进入 @login_manager.unauthorized_handler 下的函数。请问这是为什么?

我的应用程序的登录页面上只有一个按钮,并且该页面只应在用户未登录时显示。这个按钮会重定向到另一个 OAuth 登录(例如 Google / Webex)。我想用 login_required 装饰器保护其他所有页面。但成功登录之后,每当我重新访问某个 URL,登录页面都会再次出现,而这本不应该发生。

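# Application object plus the extensions that are bound to it further down.
app = Flask(__name__)
# NOTE(review): CORS(app) with no options applies the extension's defaults to
# every route; narrow the allowed origins/resources to what the front end needs.
CORS(app)
sess = Session()

app.config.from_envvar("APP_CONFIG_FILE")
# SECRET_KEY is the key Flask and its extensions sign with. The original line
# overwrote whatever the config file provided with the literal "secret", which
# anyone reading this listing knows. Take the key from the file named by
# APP_CONFIG_FILE instead and refuse to start without one.
if not app.config.get('SECRET_KEY'):
    raise RuntimeError("SECRET_KEY must be set in the file named by APP_CONFIG_FILE")
# Server-side sessions kept on the local filesystem, expiring after 15 minutes.
app.config['SESSION_PERMANENT'] = True
app.config['SESSION_TYPE'] = 'filesystem'
app.config['PERMANENT_SESSION_LIFETIME'] = timedelta(minutes=15)
app.config['USE_SESSION_FOR_NEXT'] = True

login_manager = LoginManager()
# login_manager.login_view = '.main_page'
login_manager.init_app(app)
sess.init_app(app)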

@login_manager.unauthorized_handler
def unauthorized_callback():
    """Remember the URL that was refused, then redirect to the landing page.

    Registered as Flask-Login's unauthorized handler. The full request URL is
    stored under ``session['request_url']``, where ``main_page`` reads it back.
    """
    requested_url = request.url
    session['request_url'] = requested_url
    landing = url_for('.main_page')
    return redirect(landing)

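@login_manager.request_loader
def load_user(request):
    """Resolve the current user from the session or from an OAuth ``code``.

    Registered as Flask-Login's request loader.

    Args:
        request: The incoming Flask request.

    Returns:
        The user object cached in ``session['user']`` when there is one;
        otherwise a ``User`` built from a non-empty ``code`` query parameter
        after its tokens and profile have been fetched; otherwise ``None``.
    """
    # The earlier debug prints of request.url, the session and the access
    # token are gone: request.url includes the query string (and so the OAuth
    # code on the callback), and all three end up in whatever captures stdout.
    if 'user' in session:
        print("inside user")
        user = session['user']
        print(user.is_authenticated)
        return user

    auth_code = request.args.get('code')
    if not auth_code:
        # Covers both "no code parameter" and an empty "?code=". The original
        # still built a User and called login_user() for the empty case, even
        # though no token exchange had taken place.
        return None

    print("inside code")
    # NOTE(review): no OAuth `state` value is checked before the code is
    # exchanged; confirm whether the provider flow used here relies on one.
    user = User(auth_code)
    user.get_tokens()
    personID, emailID, displayName, orgId = user.get_oauthuser_info()
    # NOTE(review): this puts the whole User object, tokens included, into the
    # server-side session store; consider keeping only an identifier there.
    session['user'] = user
    login_user(user)
    return user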
@app.route("/")
def main_page():
    """Render the landing page, passing along the URL that was refused earlier.

    When ``session['request_url']`` is present (it is written by
    ``unauthorized_callback``), the local origin in it is swapped for the
    tunnel origin, the result is percent-encoded in full, and the template
    receives it as ``redirect``. Without it the template is rendered bare.
    """
    # NOTE(review): index.html is not shown here; confirm that whatever
    # consumes `redirect` only follows URLs on this application's own host.
    if 'request_url' not in session:
        return render_template("index.html")

    public_url = session['request_url'].replace('http://localhost:6006', "http://733e6ad8e711.ngrok.io")
    encoded_url = urllib.parse.quote(public_url, encoding='UTF-8', safe='')
    return render_template("index.html", redirect=encoded_url)

@app.route("/reroute")
@login_required
def re_route():
    """Return a plain-text line naming the person and org of the session user.

    Both values are read from the object stored in ``session['user']``.
    """
    person = str(session['user'].personID)
    org = str(session['user'].orgID)
    return "".join(["landed here xD with session by:", person, " from Org: ", org])


@app.route("/auth")  # This endpoint serves as the OAuth redirect URI.
@login_required
def auth():
    """Return a fixed placeholder body; access requires a logged-in user."""
    page_body = "Auth Page"
    return page_body





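if __name__ == '__main__':
    # debug=True is no longer forced: it turns on Werkzeug's interactive
    # debugger, and this server listens on every interface while also being
    # published through a public tunnel. With the argument omitted, debug
    # mode follows app.debug (e.g. DEBUG in the file named by APP_CONFIG_FILE).
    # NOTE(review): if the tunnel to localhost:6006 is the only intended
    # ingress, binding 127.0.0.1 instead of 0.0.0.0 would be enough; confirm.
    app.run(host="0.0.0.0", port=6006)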

0 个答案:

没有答案