Add logout to my flask app

Continuing the discussion from Day 087 - Project 87 : Authenticate:

Question:
I’m working on a program (will be released soon) and it uses ReplAuth to login. However, I can’t seem to logout, with this code:

from flask import Flask, make_response, redirect, request, url_for

app = Flask(__name__)


@app.route('/logout')
def logout():
    response = make_response(redirect(url_for('index')))
    response.delete_cookie('REPL_AUTH', domain='.' + request.host, path='/')
    return response

Can anyone help?

@app.route('/')
def home():
  session['username'] = web.auth.name
  if session.get('username'):
    return redirect('/forum')
  return render_template('home.html')
# Logout (I can't seem to add it properly
@app.route('/logout')
def logout():
    response = make_response(redirect(url_for('index')))
    response.delete_cookie('REPL_AUTH', domain='.' + request.host, path='/')
    return response

why are you using session instead of web.auth.name?

you’d have to add this line to logout

session['username'] = None

To no avail. It redirects and ignores it, the username is still the same. The cookie can be deleted, but how do I fit it in?

can you send the Repl link?

also change first line in logout

response = make_response(redirect(url_for('home')))

I did that previously, but I want the app route to be /.

Solved it:

@app.route('/logout')
@web.authenticated_template('home.html')
def logout():
    response = make_response(redirect('/'))
    response.delete_cookie('REPL_AUTH', domain='.' + request.host, path='/')
    session['username'] = web.auth.name # Added this line to store the username 
    return response

that’s what url_for('home') does, assuming you’ve set home to the route / (and you did:

)

I changed it to:
make_response(redirect('/'))
EDIT: But both work.

alr but I’m confused, how does

differ from

? web.auth.name should be None or maybe an empty string, so how is it different?

ye

Maybe because it remembers the last signin with ReplAuth so it uses that and needs a new Auth to change that. Sessions are used in this case to be able to handle multiple users signing in at once, to prevent a username overriding another user’s.

fyi web.auth is different for everyone who uses your site

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.