Search code examples
htmlflaskflask-loginintel-edison

why is my code skipping my index page?

Whenever I go to the login site (0.0.0.0:5000/), the page immediately reverts to 0.0.0.0:5000/admin. Any ideas on why this is happening?

running through yocto on intel edison. editing via putty

@app.errorhandler(404)
@app.errorhandler(500)
def errorpage(e):
    return render_template('404.html')

def login_required(f):
    @wraps(f)
    def wrap(*args, **kwargs):
        if 'logged_in' in session:
            return f(*args, **kwargs)
        else:
            flash('please login first.')
            return redirect (url_for('index'))
    return wrap

@app.route('/', methods=['GET','POST'])
def index():
    error = None
    if  request.method == 'POST':
        if request.form['username'] != 'admin' or request.form['password'] != 'password':
            error = 'invalid attempt.'

    else:
        session['logged_in'] = True
        return redirect(url_for('admin'))
    return render_template('index.html', error = error)

@app.route('/logout')
def logout():
    session.pop('logged_in', None)
    return render_template('/logout.html')

@app.route('/admin',methods=['GET','POST'])
@login_required
def admin():
Solution

  • It looks like as soon as anyone hits the page with a GET, it's set as logged_in = True and redirects to /admin

    @app.route('/', methods=['GET','POST'])
def index():
    error = None
    if  request.method == 'POST':
        if request.form['username'] != 'admin' or request.form['password'] != 'password':
            error = 'invalid attempt.'

    else: # this is always triggered for GETs, even if not logged in!
        session['logged_in'] = True
        return redirect(url_for('admin'))
    return render_template('index.html', error = error)

    Instead, you should be checking that they're already logged in, and set the logged_in property in the POST block instead, after credentials have been checked.

    Actually, it just looks like your indenting is off on your else block:

    @app.route('/', methods=['GET','POST'])
def index():
    error = None
    if  request.method == 'POST':
        if request.form['username'] != 'admin' or request.form['password'] != 'password':
            error = 'invalid'
        else: # this indenting should work now
            session['logged_in'] = True
            return redirect(url_for('admin'))

    return render_template('index.html', error = error)