python
from flask import Flask, redirect, url_for
from flask_login import LoginManager, UserMixin, login_user, login_required, logout_user
app = Flask(__name__)
login_manager = LoginManager()
login_manager.init_app(app)
class User(UserMixin):
def __init__(self, id):
self.id = id
@login_manager.user_loader
def load_user(user_id):
return User(user_id)
@app.route("/login")
def login():
return redirect(url_for("protected"))
@app.route("/protected")
@login_required
def protected():
return "Protected Page"
@app.route("/logout")
@login_required
def logout():
return redirect(url_for("index"))
if __name__ == "__main__":
app.run()
python
from flask import Flask
from flask_jwt_extended import JWTManager, jwt_required, create_access_token
app = Flask(__name__)
jwt = JWTManager(app)
@app.route("/login", methods=["POST"])
def login():
# ...
return {"access_token": access_token}
@app.route("/protected")
@jwt_required()
def protected():
return "Protected Page"
if __name__ == "__main__":
app.run()
python
from flask import Flask, abort
from flask_login import current_user
from flask_principal import Principal, Permission, RoleNeed
app = Flask(__name__)
principal = Principal(app)
admin_role = RoleNeed("admin")
user_role = RoleNeed("user")
admin_permission = Permission(admin_role)
user_permission = Permission(user_role)
@app.route("/protected")
def protected():
if admin_permission.can() or user_permission.can():
return "Protected Page"
else:
abort(403)
if __name__ == "__main__":
app.run()