Day 087 - Project 87 : Authenticate

If you have any questions, comments or issues with this project please post them here!

Does Repl Auth manage session handling or should I still incorporate that into my web applications?

Yes, Repl auth handles that. You can use replit.web to see if the user is authenticated and access name, id, and roles instead of using headers.

...
from replit import web

...

@web.authenticated
@app.route('/')
def index():
    return f'Hello, {web.auth.name}! Your Replit ID is {web.auth.id}.'
1 Like

Thank you! I had a feeling that that wouldn’t be a feature that the reply team would overlook but I just wanted to make sure. Thanks again!

1 Like

How do actually log out now with the authentication if you get kicked back to /edit and username == True?

It’s taken quite a few goes of disabling and enabling the authentication plus adding some html to an @app.route("/log_out") but to me it seems very hit and miss… maybe I’m not doing it correctly?

Is there a full proof way to get back to here:

It’s not really designed to enable logging out, you can re-login. Ultimately, to log out, you’d have to delete the REPL_AUTH (or whatever it’s called) cookie and refresh the page.

1 Like

And how do we delete that cookie? I’m stuck, trying to make a logout page for my project.

from flask import Flask, make_response, redirect, request, url_for

app = Flask(__name__)


@app.route('/logout')
def logout():
    response = make_response(redirect(url_for('index')))
    response.delete_cookie('REPL_AUTH', domain='.' + request.host, path='/')
    return response
1 Like

Thanks @QwertyQwerty88 that’s ‘solved :wink:’ it.

One thing I found useful to stop blank entries was to make the input required:

I also added a delete db too.

1 Like

I had a strange issue with the first part of the tutorial.

from flask import Flask, request
app = Flask(__name__)
@app.route('/')
def index():
  username = request.headers['X-Replit-User-Name']
  return f"Hello {username}"

app.run(host='0.0.0.0', port=81)

When I used 'X-Replit-User-Name' in quotes like this , I would not get the authorization page, instead it would just say Hello and never get my username.
I had to remove the quotes around X-Replit-User-Name in order for the authentication page to come up, I authenticated, but then there was an internal server error.
I then put it back in quotes and now it works. Is this normal?

I’d assume you might have had some weird caching bug, although the code you provide here wouldn’t be able to authorize you anyways.

1 Like

Thank you for your reponse. Yes it was originally also advising me to clear the cache. But I forgot until you reminded me.