Spaces:
Running
Running
David Ko
commited on
Commit
ยท
6de8fab
1
Parent(s):
630e9fb
Redirect to login instead of 401 on unauthorized/not-fresh sessions (Flask-Login handlers)
Browse files
api.py
CHANGED
|
@@ -66,6 +66,19 @@ login_manager.init_app(app)
|
|
| 66 |
login_manager.login_view = 'login'
|
| 67 |
login_manager.session_protection = 'strong'
|
| 68 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 69 |
# ์ธ์
์ค์
|
| 70 |
import tempfile
|
| 71 |
from flask_session import Session
|
|
|
|
| 66 |
login_manager.login_view = 'login'
|
| 67 |
login_manager.session_protection = 'strong'
|
| 68 |
|
| 69 |
+
# When authentication is required or session is not fresh, redirect to login instead of 401
|
| 70 |
+
login_manager.refresh_view = 'login'
|
| 71 |
+
|
| 72 |
+
@login_manager.unauthorized_handler
|
| 73 |
+
def handle_unauthorized():
|
| 74 |
+
# For non-authenticated access, send user to login
|
| 75 |
+
return redirect(url_for('login'))
|
| 76 |
+
|
| 77 |
+
@login_manager.needs_refresh_handler
|
| 78 |
+
def handle_needs_refresh():
|
| 79 |
+
# For non-fresh sessions (e.g., after expiry or only remember-cookie), send to login
|
| 80 |
+
return redirect(url_for('login'))
|
| 81 |
+
|
| 82 |
# ์ธ์
์ค์
|
| 83 |
import tempfile
|
| 84 |
from flask_session import Session
|