search

Azure-Samples / ms-identity-python-webapp

A Python web application calling Microsoft graph that is secured using the Microsoft identity platform
MIT License
284 stars 135 forks source link

Ensure User is logged in before redirecting to a Different Page #61

Closed nfoley84 closed 3 years ago

nfoley84 commented 3 years ago

Hi,

looking at the Code for the index; you are getting the session.get if there is no session you are redirecting them to login. Can I do the same if I want to ensure someone is logged in before they go to a different page if a user goes types in localhost/dashboard on the application? can I use session.get() or do I need to import Flask Login and use @login_required? 

@app.route("/dashboard")
def dashboard():
   If not session.get("user"):
     return redirect(url_for("login"))

  #Do Something
  return render_template('dashboard.html')
rayluo commented 3 years ago

Hi @nfoley84 , thanks for registering on github just to ask us this question. We are honoured to have you here. :-)

This sample app was designed on top of vanilla Flask (see also "What Flask is, What Flask is Not"), so, Flask Login is not relevant in this sample.

And yes, currently the if not session.get("user"): return redirect(url_for("login")) is the right pattern to detect whether the end user has logged in. Presumably, this is the most easy-to-understand way. (Note: In future versions, if/when the underlying sign-in/sign-out logic become more complex, we may introduce our own @login_required decorator. You can use the "Watch" button at the upper right of the current github page to subscribe future release notes, to get informed with latest new features.)

nfoley84 commented 3 years ago

Thanks @rayluo.