Flask-Login子產品提供使用者狀态的管理功能。使用flask-login首先要擷取一個loadmanager的執行個體。
1) 當使用者登入以後,如果需要記錄使用者的狀态則則可以調用 login_user函數記錄目前登入的使用者。
def login_user(user, remember=False, force=False, fresh=True):
if not force and not user.is_active:
return False
user_id = getattr(user, current_app.login_manager.id_attribute)()
session['user_id'] = user_id
session['_fresh'] = fresh
session['_id'] = _create_identifier()
if remember:
session['remember'] = 'set'
_request_ctx_stack.top.user = user
user_logged_in.send(current_app._get_current_object(), user=_get_user())
return True
login_user主要的作用就是将user的id加入到session中。getattr(user, current_app.login_manager.id_attribute)其實調用的就是user.get_id()方法是以在定義User類中需要定義get_id()方法。其實Flask-Login提供了一個UserMixin類,這個提供了
所有必要的方法和屬性。可以使自定義的類繼承這個類來滿足需求。UserMixin的定義如下:
class UserMixin(object):
if not PY2: # pragma: no cover
# Python 3 implicitly set __hash__ to None if we override __eq__
# We set it back to its default implementation
__hash__ = object.__hash__
@property
def is_active(self):
return True
@property
def is_authenticated(self):
return True
@property
def is_anonymous(self):
return False
def get_id(self):
try:
return text_type(self.id)
except AttributeError:
raise NotImplementedError('No `id` attribute - override `get_id`')
def __eq__(self, other):
'''
Checks the equality of two `UserMixin` objects using `get_id`.
'''
if isinstance(other, UserMixin):
return self.get_id() == other.get_id()
return NotImplemented
def __ne__(self, other):
'''
Checks the inequality of two `UserMixin` objects using `get_id`.
'''
equal = self.__eq__(other)
if equal is NotImplemented:
return NotImplemented
return not equal
2)當中某些操作需要使用者登入的時候,就需要用到裝飾器login_required。
@app.route('/post')
@login_required
def post():
pass
函數login_required:
def login_required(func):
@wraps(func)
def decorated_view(*args, **kwargs):
if request.method in EXEMPT_METHODS:
return func(*args, **kwargs)
elif current_app.login_manager._login_disabled:
return func(*args, **kwargs)
elif not current_user.is_authenticated:
return current_app.login_manager.unauthorized()
return func(*args, **kwargs)
return decorated_view
current_user是個函數對象最後調用的Login_Manager的_load_user函數,_load_user中調用了reload_user。 def reload_user(self, user=None):
ctx = _request_ctx_stack.top
if user is None:
user_id = session.get('user_id')
if user_id is None:
ctx.user = self.anonymous_user()
else:
if self.user_callback is None:
raise Exception(
"No user_loader has been installed for this "
"LoginManager. Add one with the "
"'LoginManager.user_loader' decorator.")
user = self.user_callback(user_id)
if user is None:
ctx.user = self.anonymous_user()
else:
ctx.user = user
else:
ctx.user = user
reload_user在Session中擷取user的id,然後傳入通過user_loader裝飾器注冊的回調函數,從這個回調中傳回使用者的執行個體。注冊使用者的回調方法如下:
@loginManager.user_loader
def load_user(user_id):
return User.query.get(int(user_id))
如果沒有找到則傳回一個AnonymousUserMixin的執行個體。
class AnonymousUserMixin(object):
'''
This is the default object for representing an anonymous user.
'''
@property
def is_authenticated(self):
return False
@property
def is_active(self):
return False
@property
def is_anonymous(self):
return True
def get_id(self):
return
如果user類繼承自UserMixin則current_user.is_authenticated的值為Ture表示使用者已經登入認證了。
![TestLink導出用例轉換工具(XML2Excel)[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)