Flask-Login

1. Installation and Configuration

1.1 Installation

bash
pip install flask-login

1.2 Initialization

python
from flask import Flask
from flask_login import LoginManager

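app = Flask(__name__)
# Placeholder value: the key signs the session and remember-me cookies,
# so use a long random secret loaded from outside the source tree.
app.config['SECRET_KEY'] = 'your-secret-key'

login_manager = LoginManager(app)
# Endpoint that anonymous users are redirected to by @login_required
login_manager.login_view = 'auth.login'
# Message flashed on that redirect
login_manager.login_message = '请登录后访问'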

2. User Model

2.1 Implementing UserMixin

python
from flask_login import UserMixin
from app import db

class User(UserMixin, db.Model):
    id = db.Column(db.Integer, primary_key=True)
    username = db.Column(db.String(80), unique=True)
    email = db.Column(db.String(120), unique=True)
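    # Store only the hash, never the password itself. 256 leaves room for
    # Werkzeug's default scrypt hashes, which are longer than 128 characters.
    password_hash = db.Column(db.String(256))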

2.2 User Loader

python
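@login_manager.user_loader
def load_user(user_id):
    # Flask-Login passes the ID stored in the session as a string;
    # return None when no matching user exists.
    return db.session.get(User, int(user_id))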

3. Login and Logout

3.1 User Login

python
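from flask_login import login_user
from flask import redirect, render_template, url_for

@app.route('/login', methods=['GET', 'POST'])
def login():
    # LoginForm is assumed to be a Flask-WTF form defined elsewhere in the app
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        # check_password() is assumed to be defined on the User model and to
        # compare the submitted password against password_hash
        if user and user.check_password(form.password.data):
            login_user(user, remember=form.remember.data)
            return redirect(url_for('index'))
    # GET request or failed login: render the form again
    return render_template('login.html', form=form)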

3.2 User Logout

python
from flask_login import logout_user

@app.route('/logout')
def logout():
    logout_user()
    return redirect(url_for('index'))

4. Access Control

4.1 The login_required Decorator

python
from flask_login import login_required

@app.route('/profile')
@login_required
def profile():
    return '用户资料'

4.2 The current_user Object

python
from flask_login import current_user

@app.route('/profile')
@login_required
def profile():
    return f'欢迎, {current_user.username}'

4.3 Using It in Templates

html
{% if current_user.is_authenticated %}
    <p>欢迎, {{ current_user.username }}</p>
    <a href="{{ url_for('logout') }}">登出</a>
{% else %}
    <a href="{{ url_for('login') }}">登录</a>
{% endif %}

5. Remember Me

5.1 Enabling Remember Me

python
login_user(user, remember=True)

5.2 Configuration

python
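from datetime import timedelta

# How long the remember-me cookie stays valid
app.config['REMEMBER_COOKIE_DURATION'] = timedelta(days=7)
# Send the remember-me cookie over HTTPS only
app.config['REMEMBER_COOKIE_SECURE'] = True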

6. Next Steps

Next, let's move on to Password Security and learn about password encryption!

Last updated: 2026-03-28