V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
gkiwi
V2EX  ›  Flask

用 Flask-login 来作登陆处理,经常(但不是一直)爆出未登录异常,求经验分享...

  •  
  •   gkiwi · 2014-11-27 17:00:03 +08:00 · 2723 次点击
    这是一个创建于 3682 天前的主题,其中的信息可能已经有所发展或是发生改变。
    在局域网测试,一般都是ok的.但是以上服务器测试,手机的app就经常爆出这个问题.

    而在局域网内,app端更换自己的局域网ip **一定**会爆出这个问题,在此种情境下,我print 了cookies和session,发现都没变.

    大家是怎么处理这块的?
    谢谢.
    3 条回复    2014-11-27 17:45:34 +08:00
    hahastudio
        1
    hahastudio  
       2014-11-27 17:12:57 +08:00
    没用过 Flask

    看文档的话
    https://flask-login.readthedocs.org/en/latest/#session-protection
    提到了默认是 basic
    glasslion
        2
    glasslion  
       2014-11-27 17:17:50 +08:00
    You can configure session protection on the LoginManager, and in the app’s configuration. If it is enabled, it can operate in either basic or strong mode. To set it on the LoginManager, set the session_protection attribute to "basic" or "strong":

    login_manager.session_protection = "strong"
    Or, to disable it:

    login_manager.session_protection = None
    By default, it is activated in "basic" mode. It can be disabled in the app’s configuration by setting the SESSION_PROTECTION setting to None, "basic", or "strong".

    When session protection is active, each request, it generates an identifier for the user’s computer (basically, the MD5 hash of the IP address and user agent). If the session does not have an associated identifier, the one generated will be stored. If it has an identifier, and it matches the one generated, then the request is OK.
    gkiwi
        3
    gkiwi  
    OP
       2014-11-27 17:45:34 +08:00
    @hahastudio
    @glasslion

    谢谢两位!仔细看了下,原来配置文件里面SESSION_PROTECTION被设置成了"strong"..

    非常感谢!!
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   1335 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 23ms · UTC 23:43 · PVG 07:43 · LAX 15:43 · JFK 18:43
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.