Learn
Learn
Learn web development from expert teachers. Build real projects, join our community, and accelerate your career
Get Started
Fullstack Rust Fullstack Node.js Fullstack D3 Fullstack React Fullstack React with TypeScript more →
The newline Guide to Building Your First GraphQL Server with Node and TypeScript
In this course, we'll show you how to create your first GraphQL server with Node.js and TypeScript
Enroll for free
Teach
Teach
Share your knowledge with others, earn money, and help people with their career
Apply Now
Apply To Teach A Course What Our Teachers Say
Amelia Wattenberger
Author of Fullstack D3
"Writing Fullstack D3 was a thoroughly enjoyable, fun process.

The writing was over before I knew it, and we've sold way more copies than I expected! Plus, the compliments from my peers have been really amazing."
Community
Community
Get help with programming projects, find collaborators, and make friends
Join Now
Join our Discord Server What Our Students Say
Tutorials

This video is available to students only

Flask-Login & Sessions

Setting Logins
#

The first function we'll use from flask_login is called login_user which handles the part of setting the cookie for the user.

Add this import to your users.py file (from flask_login import login_user) and then add login_user(user) to your register route.

from flask_login import login_user
...

@user_bp.route('/register', methods=["GET", "POST"])
def register():
    form = SignupForm()
    if form.validate_on_submit():
        user = User.create(form.email.data, form.password.data)
        db.session.add(user)
        db.session.commit()
        login_user(user)
        return redirect(url_for("products.index")))

    return render_template("users/register.html", form=form)

Once this step is done, anyone who submits this form will be issued a cookie that represents a request from their specific user ID. The cookie is encrypted with a secret value (SECRET_KEY) in the Flask configuration. We should not arbitrarily set plain text data in cookies for things like authentication data because it's possible for browser or end user to modify this cookie. We wouldn't want to issue a cookie saying this cookie is from User 1, and then have a the end user modify it to look like it comes from User 2. By encrypting the data with our SECRET_KEY, we can ensure that only our server can encode valid data.

Create a login form in forms.py

from werkzeug.security import  check_password_hash

class LoginForm(FlaskForm):
    email = StringField('Email', validators=[validators.email(), validators.required()])
    password = PasswordField('Password', validators=[validators.required()])

    def validate(self):
        check_validate = super(LoginForm, self).validate()
        if not check_validate:
            return False

        user = User.query.filter_by(email=self.email.data).first()

        if not user or not check_password_hash(user.password, self.password.data):
            self.email.errors.append('Invalid email or password')
            return False
        return True

In our user blueprint (users.py), add code to handle the login and call login_user

from flask import ..., flash

@user_bp.route('/login', methods=["GET", "POST"])
def login():
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).one()
        login_user(user)
        flash("Logged in successfully.", "success")
        return redirect(url_for("products.index"))

    return render_template("users/login.html", form=form)

This page is a preview of Fullstack Flask: Build a Complete SaaS App with Flask

Previous Lesson:

How to Add User Login and Authentication With Flask-Login

Next Lesson:

Database Relationships and Migrations in a Flask App

New
10:132

Start a new discussion. All notification go to the author.

Learn

The newline Guide to Building Your First GraphQL Server with Node and TypeScript

Teach

Amelia Wattenberger

Author of Fullstack D3

Community

Fullstack Flask: Build a Complete SaaS App with Flask

WELCOMEIntroduction

Introduction:

Start Here

Module 1: Intro

Introduction: (1:28)

Intro to Fullstack Flask

Module 2: Building your first Flask Application

Lesson 1: (3:21)

Building your first Flask Application

Lesson 2: (5:52)

How to Install Flask and Python 3 With Virtual Environments

Lesson 3: (7:54)

How to Fetch Data From a REST API With Python and Flask

Lesson 4: (6:46)

Deploy a Flask App with the Heroku CLI and a Procfile

Module 3: Rendering Pages

Lesson 1: (11:32)

Building Your First Flask Page Template With Jinja2 and Variables

Lesson 2: (14:45)

Styling Flask Jinja2 Templates With Bootstrap, CSS, and IF Logic

Lesson 3:

Summary

Module 4: Growing our application with Blueprints

Lesson 1: (12:33)

An Intro to Building Modular Flask Applications With Blueprints

Module 5: Application Factories & Configuration

Lesson 1: (14:53)

How to Add Blueprints and Routing to Flask

Module 6: Testing

Module 7: Part II: Building Larger Flask Applications

Lesson 1: (2:27)

Our Project: Yumroad

Lesson 2: (7:45)

Set Up a Maintainable Flask Application in a Virtual Environment

Module 8: Databases & ORMs

Lesson 1: (12:27)

Connect Databases to a Flask App With SQLAlchemy ORM

Lesson 2: (16:54)

How to Query Data and Insert Database Rows With SQLAlchemy

Module 9: Building pages using our models

Lesson 1: (14:59)

Combine Flask Blueprint Pages, Jinja Templates, and Databases

Module 10: Handling Forms (with WTForms)

Lesson 1: (8:15)

Building HTML Forms and Validating Data in a Flask App

Lesson 2: (12:21)

Build HTML Forms in a Flask App With Python and WTForms

Lesson 3: (12:45)

Pre-populate a WTForms Form And Prevent CSRF Attacks

Module 11: Logins

Lesson 1: (16:32)

How to Add User Login and Authentication With Flask-Login

Lesson 2: (14:48)