如何使用LDAP3身份验证保留所有将来请求的用户名

Question

I've written a login.views.py for LDAP3 authentication, and the application is such that once the user login successfully, it will take the user to a template with displayed on the top right of all future request pages. My application configuration for this login module is __init__.py . Part of the template code regarding whether the user is authenticated is here .

All of the above codes persist user's name in all future requests (that is different modules of the application) once logged in using Flask's development server; however, when I deployed the application live to production server , the username is sometimes persisted and other time not persisted.

I've followed two previous similar questions on StackOverflow: first question and second question , but still can't understand to solve my problem.

How do I persist users' info for all future requests once they successfully login?

Answer 1

You cannot use global variables in Flask apps. You have a users dict to store users fetched from LDAP. During development this "works" because the dev server only uses one process. However, in production you are most likely running the app in more than one process. Each process will have its own users dict, so the user will only be loaded if the request is handled by the same process that handled logging in the user.

You need to store the user data somewhere separate from the app, where it can be looked up during each request. The typical example is a database, but in this case you're using LDAP, just fetch the user data by id from LDAP in the loader function. If you're trying to avoid making queries to LDAP, then you need some other external storage to store and fetch the data, such as a database, memcache, redis, etc. You can also just throw the user data in the session.