Flask 系列之 LoginManager

說明

• 操作系統：Windows 10
• Python 版本：3.7x
• 虛擬環境管理器：virtualenv
• 代碼編輯器：VS Code

實驗目標

通過使用 flask-login 進行會話管理的相關操作，並完成用戶合法性登陸和退出。

安裝

pip install flask-login

使用

首先，在 todlist\app\__init__.py 中創建 login_manager，並進行相關配置，示例代碼如下所示：

from flask import Flask
from flask_sqlalchemy import SQLAlchemy
from flask_bootstrap import Bootstrap
from flask_login import LoginManager
from config import Config

app = Flask(__name__)
app.config.from_object(Config)

db = SQLAlchemy(app)
bootstrap = Bootstrap(app)

login_manager = LoginManager(app)
login_manager.login_view = 'login'
login_manager.login_message = '你必須登陸后才能訪問該頁面'
login_manager.login_message_category = "info"

from app import views

然后，完善我們 todolist\models.py 中關於用戶密碼校驗部分的邏輯處理，示例代碼如下所示：

from app import db, login_manager
from datetime import datetime
from werkzeug.security import check_password_hash, generate_password_hash
from flask_login import UserMixin, login_user


@login_manager.user_loader
def load_user(user_id):
    user = User.query.get(user_id)
    return user


class User(db.Model, UserMixin):
    __tablename__ = 'users'
    # __table_args__ = {"useexisting": True}

    id = db.Column(db.Integer, primary_key=True)
    name = db.Column(db.String(20), nullable=False, unique=True)
    email = db.Column(db.String(120), nullable=False, unique=True)
    pwd = db.Column(db.String(120), nullable=False)

    things = db.relationship('Thing', backref='User', lazy='dynamic')

    def __repr__(self):
        return "<User %r>" % self.name

    def generate_password_hash(self, pwd):
        self.pwd = generate_password_hash(pwd)

    def check_password_hash(self, pwd):
        return check_password_hash(self.pwd, pwd)


class Thing(db.Model):
    __tablename__ = 'things'
    # __table_args__ = {"useexisting": True}

    id = db.Column(db.Integer, primary_key=True)
    user_id = db.Column(db.Integer, db.ForeignKey('users.id'))
    title = db.Column(db.String(20), nullable=False)
    text = db.Column(db.Text, nullable=False)
    add_date = db.Column(db.DateTime, default=datetime.now)

    def __repr__(self):
        return "<Todo %r>" % self.id

然后在 todolist\forms.py 中添加一個用於處理用戶登陸的表單提交類，示例代碼如下所示：

from flask_wtf import FlaskForm
from wtforms import StringField, SubmitField, TextAreaField, PasswordField
from wtforms.validators import DataRequired, Length, Email, EqualTo, ValidationError
from models import User


class RegisterForm(FlaskForm):
    username = StringField('用戶名：', validators=[
                           DataRequired(), Length(min=6, max=20)])
    email = StringField('郵箱：', validators=[DataRequired(), Email()])
    pwd = PasswordField('密碼：', validators=[
        DataRequired(), Length(min=8, max=120)])
    confirm = PasswordField('確認密碼：', validators=[
                            DataRequired(), EqualTo('pwd')])
    submit = SubmitField('提交')

    def validate_username(self, username):
        user = User.query.filter_by(name=username.data).first()
        if user:
            raise ValidationError("用戶昵稱已存在。")

    def validate_email(self, email):
        user = User.query.filter_by(email=email.data).first()
        if user:
            raise ValidationError('郵箱已存在.')


class LoginForm(FlaskForm):
    username = StringField('用戶名：', validators=[
                           DataRequired(), Length(min=6, max=20)])
    password = PasswordField('密碼：', validators=[DataRequired()])
    submit = SubmitField('登陸')

    def validate_username(self, username):
        user = User.query.filter_by(name=username.data)
        if not user:
            raise ValidationError('用戶名不存在。')

然后修改我們的 todolist\app\views.py ，添加用戶登陸和登出的路由處理函數，示例代碼如下所示：

from flask import render_template, redirect, url_for, flash
from flask_login import login_user, login_required, current_user, logout_user
from app import app, db
from forms import RegisterForm, LoginForm
from models import User


@app.context_processor
def inject_user():
    user = User.query.first()
    return dict(user=user)


@app.route('/')
@app.route('/index')
def index():
    if not current_user.is_authenticated:
        return redirect(url_for('login'))
    return render_template('index.html', title="首頁")


@app.route('/login', methods=['POST', 'GET'])
def login():
    form = LoginForm()
    if form.validate_on_submit():
        name = form.username.data
        pwd = form.password.data
        user = User.query.filter_by(name=name).first()
        if user and user.check_password_hash(pwd):
            login_user(user)
            flash('登陸成功。', category='info')
            return redirect(url_for('index'))
        else:
            flash("密碼或賬戶錯誤。", category='error')
    return render_template('login.html', title='登錄', form=form)


@app.route('/logout')
@login_required
def logout():
    logout_user()
    flash('再見！')
    return redirect(url_for('login'))


@app.route('/register', methods=['POST', 'GET'])
def register():
    form = RegisterForm()
    if form.validate_on_submit():
        username = form.username.data
        email = form.email.data
        pwd = form.pwd.data
        user = User(name=username, email=email)
        user.generate_password_hash(pwd)
        db.session.add(user)
        db.session.commit()
        flash('注冊成功', category='info')
        return redirect(url_for('login'))
    return render_template('register.html', title='注冊', form=form)

接着，修改我們 todolist\app\templates\login.html 頁面，添加用戶登陸的表單，示例代碼如下所示：

{% extends 'base.html' %} {% block content %}
<h1>登錄頁面</h1>
{% from 'bootstrap/form.html' import render_form %} {{ render_form(form) }}
{% endblock %}

修改我們的 todolist\app\templates\nav.html 頁面，完善菜單欄的邏輯控制，示例代碼如下所示：

<nav class="navbar navbar-expand-lg navbar-light bg-light">
    <div class="container">
        <a class="navbar-brand" href="#">願望清單</a>

        <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent"
            aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">
            <span class="navbar-toggler-icon"></span>
        </button>

        <div class="collapse navbar-collapse" id="navbarSupportedContent">
            <ul class="navbar-nav mr-auto">
                <li class="nav-item {% if request.endpoint == 'index' %} active {% endif %}">
                    <a class="nav-link" href="{{ url_for('index') }}">首頁<span class="sr-only">(current)</span></a>
                </li>
            </ul>

            <ul class="navbar-nav">
                {% if current_user.is_authenticated and user %}
                <li class="nav-item {% if request.endpoint == 'logout' %} active {% endif %}">
                    <a class="nav-link" href="{{ url_for('logout') }}">登出</a>
                </li>
                {% else %}
                <li class="nav-item {% if request.endpoint == 'login' %} active {% endif %}">
                    <a class="nav-link" href="{{ url_for('login') }}">登錄</a>
                </li>
                <li class="nav-item {% if request.endpoint == 'register' %} active {% endif %}">
                    <a class="nav-link" href="{{ url_for('register') }}">注冊</a>
                </li>
                {% endif %}
            </ul>
        </div>
    </div>
</nav>

修改我們的 todolist\app\templates\index.html 頁面，顯示當前登陸的用戶，示例代碼如下所示：

{% extends 'base.html' %} {% block content %}

{% if current_user.is_authenticated and user %}
<h1>{{ current_user.name }},歡迎回來</h1>
{% else %}
<h1>首頁</h1>
{% endif %}

{% endblock %}

此時，當我們運行起我們的網站后進入注冊頁面 http://127.0.0.1:5000 就可以進行用戶的注冊、登陸和登出了。

參考連接

• Flask-Login