Tutorials › Flask Web Framework › Flask Login

Flask Login

6 min read Quiz at the end

Add login, logout, and @login_required protection to routes with Flask-Login.

Authentication with Flask-Login

pip install flask-login

from flask_login import LoginManager, UserMixin, login_user, logout_user, login_required, current_user

login_manager = LoginManager()
login_manager.login_view = "auth.login"

class User(UserMixin, db.Model):
    # UserMixin adds: is_authenticated, is_active, get_id()
    pass

@login_manager.user_loader
def load_user(user_id):
    return db.session.get(User, int(user_id))

# Login
@auth_bp.route("/login", methods=["GET","POST"])
def login():
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user and user.check_password(form.password.data):
            login_user(user, remember=form.remember.data)
            return redirect(url_for("main.dashboard"))
    return render_template("login.html", form=form)

# Protect routes
@app.route("/dashboard")
@login_required
def dashboard():
    return "Hello " + current_user.name

@auth_bp.route("/logout")
@login_required
def logout():
    logout_user()
    return redirect(url_for("auth.login"))

← Flask Forms Next: REST API with Flask →

Topic Quiz · 3 questions

Test your understanding before moving on

1. Which mixin does Flask-Login require on the User model?

💡 UserMixin adds is_authenticated, is_active, get_id() required by Flask-Login.

2. What does @login_required do?

💡 @login_required redirects to login_manager.login_view if not authenticated.

3. How do you get the currently logged-in user?

💡 current_user from flask_login is a proxy to the authenticated User object.

Quick Access

Flask Login

Authentication with Flask-Login

Test your understanding before moving on