# coding=utf-8 import flask app = flask.Flask(__name__) app.secret_key = 'super secret string' import flask_login from flask_login import login_required login_manager = flask_login.LoginManager() login_manager.init_app(app) users = {'foo@bar.tld': {'pw': 'secret'}} class User(flask_login.UserMixin): pass @login_manager.user_loader def user_loader(email): if email not in users: return user = User() user.id = email return user @login_manager.request_loader def request_loader(request): email = request.form.get('email') if email not in users: return user = User() user.id = email print '123' user.is_authenticated = request.form['pw'] == users[email]['pw'] return user @app.route('/login', methods=['GET', 'POST']) def login(): if flask.request.method == 'GET': return ''' <form action='login' method='POST'> <input type='text' name='email' id='email' placeholder='email'></input> <input type='password' name='pw' id='pw' placeholder='password'></input> <input type='submit' name='submit'></input> </form> ''' email = flask.request.form['email'] if email not in users: print '不存在' if email in users: if flask.request.form['pw'] == users[email]['pw']: user = User() user.id = email flask_login.login_user(user) return flask.redirect(flask.url_for('protected')) return 'Bad login' @app.route('/protected') @flask_login.login_required def protected(): return 'Logged in as: ' + flask_login.current_user.id @app.route('/logout') def logout(): flask_login.logout_user() return 'Logged out' @login_manager.unauthorized_handler # 未登录将会被执行这个函数 def unauthorized_handler(): return 'Unauthorized' @app.route('/require') @login_required def require(): return 'require' if __name__ == '__main__': app.run(debug=True)