I was able to implement web app authentication with flask-login

Overview

I am creating a web application using flask. I was able to implement it with almost the README copy and paste of the site I referred to below. The code in this article needs to write the logic for password matching.

The site that I used as a reference

https://github.com/maxcountryman/flask-login

Official documentation for flask-login https://flask-login.readthedocs.io/en/latest/

Description of flask-login

Flask-Login provides Flask user session management. Handles common tasks such as login, logout, and long-term user session memory.

Implementation

$ pip install flask flask-login

import flask
import flask_login


login_manager = flask_login.LoginManager()
login_manager.init_app(app)

app = flask.Flask(__name__)
app.secret_key = 'super secret string'  # Change this!

# Our mock database.
users = {'[email protected]': {'password': 'secret'}}

class User(flask_login.UserMixin):
    pass


@login_manager.user_loader
def user_loader(email):
    if email not in users:
        return

    user = User()
    user.id = email
    return user


@login_manager.request_loader
def request_loader(request):
    email = request.form.get('email')
    if email not in users:
        return

    user = User()
    user.id = email

    # DO NOT ever store passwords in plaintext and always compare password
    # hashes using constant-time comparison!
    user.is_authenticated = request.form['password'] == users[email]['password']

    return user

@app.route('/login', methods=['GET', 'POST'])
def login():
    if flask.request.method == 'GET':
        return '''
               <form action='login' method='POST'>
                <input type='text' name='email' id='email' placeholder='email'/>
                <input type='password' name='password' id='password' placeholder='password'/>
                <input type='submit' name='submit'/>
               </form>
               '''

    email = flask.request.form['email']
    if flask.request.form['password'] == users[email]['password']:
        user = User()
        user.id = email
        flask_login.login_user(user)
        return flask.redirect(flask.url_for('protected'))

    return 'Bad login'


@app.route('/protected')
@flask_login.login_required
def protected():
    return 'Logged in as: ' + flask_login.current_user.id

@app.route('/logout')
def logout():
    flask_login.logout_user()
    return 'Logged out'

@login_manager.unauthorized_handler
def unauthorized_handler():
    return 'Unauthorized'

if __name__ == '__main__':
    app.run(host="0.0.0.0",port=8000,debug=True)

test

You may want to implement it based on the following. https://github.com/maxcountryman/flask-login/blob/master/test_login.py