Mike Pennington Mike Pennington - 10 months ago 58
Python Question

Issue with Flask Blueprints and login redirects

I have a sample Flask app which mostly works. The base URL (

) doesn't require authentication; however, I have a resource at
, which requires authentication.

The app works very well as long as a user is logged in; however, it throws a
werkzeug.routing.BuildError (BuildError: Could not build url for endpoint 'login' with values ['next']. Did you mean 'auth.login' instead?)
when someone tries to access
as an unauthenticated user, because I have it coded like this:

def secured():
return 'Login Success! {0}'.format(session)

I'm using Flask Blueprints for my URL routing... I assumed this should work...

def create_app(config_name):
from .main import main as main_blueprint
from .auth import auth as auth_blueprint

# Configure the flask instance...
app = Flask(__name__)

# Initialize the application...

# Blueprint registration
app.register_blueprint(auth_blueprint, url_prefix='/auth')

return app

The app directory is built as follows:

+ config.py
+ manage.py
+ app/
+ __init__.py
+ auth/
+ __init__.py
+ views.py
+ main/
+ __init__.py
+ views.py

As best I can tell, something is messed up in my blueprint registration; however, I'm at a loss for where the error is.

How do I make an unauthenticated user redirect correctly to the
URL when they surf to
as an unauthenticated user?


Looks like there are a couple of problems.

The first is a missing config parameter, LDAP_LOGIN_VIEW. The default is login but since you don't have a view named 'login', you probably want to set this to be auth.login in your config file:

LDAP_LOGIN_VIEW = 'auth.login'

The next issue is that your auth.login doesn't handle a next parameter. The next parameter tells the login function where to redirect after a successful login. This might cause a problem since flask-simpleldap is passing a next parameter here.

return redirect(url_for(current_app.config['LDAP_LOGIN_VIEW'], 

You can access the next parameter through the request object.


from flask import request
@app.route('/login', methods=['POST', 'GET'])
def login():
    error = None
    if request.method == 'POST':
        if valid_login(request.form['username'],
            return log_the_user_in(request.form['username'])
            error = 'Invalid username/password'
    # the code below is executed if the request method
    # was GET or the credentials were invalid
    return render_template('login.html', error=error)