Flask session log out and redirect to login page
Question
I am using Flask,Python for my web application. The user will login and if the session time is more than 5 minutes then the app should come out and it should land on the login page.
I tried some of the methods and I can see the session time out is happening but redirect to login page is not happening.
@app.before_request
def before_request():
"Session time out method"
flask.session.permanent = True
app.permanent_session_lifetime = datetime.timedelta(minutes=2)
flask.session.modified = True
flask.g.user = flask_login.current_user
#return redirect(url_for('login'))
I have used before_request for seesion time out. I have referrred this link Flask logout if sessions expires if no activity and redirect for login page but I dont see any changes from what I have tried before and this code. I can see lot of stackoverflow questions over there for this topic and I couldnt find the solution.
I have tried this link als Expire session in flask in ajax context
But I am not sure what should I pass as a session and what qualifier I should return here?
@mod.before_request
def make_session_permanent():
if session_is_invalid(session):
return redirect(url_for('logout'))
def session_is_invalid(ses):
# return your qualifier
if the previous method is correct can some one tell me what is the session and what qualifier I should return here?
What I need is after session log out the page should automatically land on the login screen What is happening is session log out is happening but it's not redirecting to login page
could some one help me in this?
1 answers
solution1
7 ACCPTED 2020-05-26 15:57:49
When I read the documents of the Flask-Login package, i saw a few things. When creating your Flask application, you also need to create a login manager.
login_manager = LoginManager()
A login_view variable in LoginManager class caught my attention. The details include the following explanation:
The name of the view to redirect to when the user needs to log in. (This can be an absolute URL as well, if your authentication machinery is external to your application.)
Actually, after you create a LoginManager object,
login_manager.login_view = 'your login view'
You should specify your login page. Finally, Once the actual application object has been created, you can configure it for login with:
login_manager.init_app(app)
After doing these, any unauthorized calls to every method you use @login_required annotation will be sent to the page you have pointed out with login_view .
I also developed a simple application. You can review this application from here . I tested it and working without any problems.
I hope it helps you.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.