Using the session
One way to implement authentication in Flask is to use the session object. The session object gives the server an easy way to store information in the user's browser with cookies. The stored data is cryptographically signed with the app's secret key. If the user attempts to modify the cookie, the signature will no longer be valid and the cookie will not be read.
The session object has the same API as a dict object. To add data to it, simply use this:
session['key'] = data
To retrieve data, use this:
session['key']
To log a user in, a username key will be added to the session and set to the username of the current user.
from flask import render_template, session

# main_blueprint and LoginForm are defined elsewhere in the application
@main_blueprint.route('/login', methods=['GET', 'POST'])
def login():
    form = LoginForm()
    if form.validate_on_submit():
        # Add the user's name to the cookie
        session['username'] = form.username.data
    return render_template('login.html', form=form)
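The signing behaviour described above, as an added example that is not code from the original page: the cookie payload can be read without the secret key, because it is signed and not encrypted, while a cookie whose payload was changed is rejected by the app. The simplified login view, the /whoami route, the helper names and the secret key are assumptions constructed for illustration.

```python
import base64
import json
import zlib

from flask import Flask, request, session

app = Flask(__name__)
app.secret_key = "constructed-demo-key"  # constructed; use a long random secret in practice

@app.route("/login", methods=["POST"])  # simplified stand-in for the login view
def login():
    session["username"] = request.form["username"]
    return "ok"

@app.route("/whoami")  # hypothetical route that reads the session back
def whoami():
    return session.get("username", "anonymous")

def issue_cookie(username):
    """Log in through the test client and return the raw session cookie value."""
    resp = app.test_client(use_cookies=False).post("/login", data={"username": username})
    prefix = app.config["SESSION_COOKIE_NAME"] + "="
    header = next(h for h in resp.headers.getlist("Set-Cookie") if h.startswith(prefix))
    return header[len(prefix):].split(";", 1)[0]

def read_payload(cookie):
    """Decode the cookie body without the secret key: it is signed, not encrypted."""
    body = cookie.lstrip(".").split(".")[0]
    raw = base64.urlsafe_b64decode(body + "=" * (-len(body) % 4))
    # A leading "." marks a zlib-compressed payload.
    return json.loads(zlib.decompress(raw) if cookie.startswith(".") else raw)

def tamper(cookie, username):
    """Replace the payload but keep the original timestamp and signature."""
    _, timestamp, signature = cookie.rsplit(".", 2)
    data = json.dumps({"username": username}).encode()
    body = base64.urlsafe_b64encode(data).rstrip(b"=").decode()
    return f"{body}.{timestamp}.{signature}"

def whoami_with(cookie):
    """Send the cookie to the app and return the user it recognises."""
    header = f'{app.config["SESSION_COOKIE_NAME"]}={cookie}'
    resp = app.test_client(use_cookies=False).get("/whoami", headers={"Cookie": header})
    return resp.get_data(as_text=True)

if __name__ == "__main__":
    c = issue_cookie("alice")
    print(read_payload(c), whoami_with(c), whoami_with(tamper(c, "admin")))
```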
To log the user out, the key can be popped from the session...