Saurabh Shrivastava
Reputation: 1484
Flask: Clear session from admin prospective
In my flask app, logout can clear the session.
@app.route('/logout')
def logout():
session.clear()
return redirect(url_for('index'))
But logout is called only when user click logout on my website.
I am implementing a functionality where i can block a mysterious user. So, i need to force logout the user without his consent. My logic would also work if i can clear his session. Please guide.
Note: someone suggested to change app.secret_key. But that would clear session for all users and not a particular user only.
Upvotes: 0
Views: 268
Answers (1)
DarkSuniuM
Reputation: 2582
So you have to check out if user is banned or not before each request!
@app.before_request
def before_request():
user = findUser()
if user.isBanned():
return redirect(url_for('logout'))
Something like this would work,
Ofc you have to implant findUser and isBanned, findUser should return a User object, and isBanned should return True or False
Upvotes: 1
Related Questions
- How do I clear a flask session?
- Clean server-side session files - Flask-Session using filesystem
- How can I cycle through sessions in flask?
- Using sessions in flask
- Flask Sessions - Session isn't always removed on logout (Works sometimes)
- How do you "clear" only specific Flask session variables?
- Flask session log out and redirect to login page
- Flask Logout All Sessions of a Specific User
- Invalidate an old session in Flask
- How to I delete all Flask sessions?