# Flask Login

***

**1. Quickstart:** Initialize the LoginManager and check if the user is logged in.

```python
from flask import Flask, redirect, url_for, render_template
from flask_login import LoginManager, UserMixin, login_user, login_required, logout_user, current_user

app = Flask(__name__)

# Initialize the LoginManager
login_manager = LoginManager()
login_manager.init_app(app)

# Create a custom User class that implements the UserMixin
class User(UserMixin):
    def __init__(self, id, username, password):
        self.id = id
        self.username = username
        self.password = password

# Define the login endpoint
@app.route("/login", methods=["POST"])
def login():
    username = request.form.get("username")
    password = request.form.get("password")

    user = User.query.filter_by(username=username).first()

    if user and user.password == password:
        login_user(user)
        return redirect(url_for("index"))

# Define a protected page
@app.route("/")
@login_required
def index():
    return render_template("index.html", current_user=current_user)

# Define the logout endpoint
@app.route("/logout")
@login_required
def logout():
    logout_user()
    return redirect(url_for("login"))

if __name__ == "__main__":
    app.run(debug=True)
```

**2. Storing user data in the database:** Use a database model to store user data and retrieve it for authentication.

```python
from flask_sqlalchemy import SQLAlchemy
from flask_login import LoginManager, UserMixin, login_user, login_required, logout_user, current_user

app = Flask(__name__)

# Initialize the database
db = SQLAlchemy(app)

# Create a User model
class User(UserMixin, db.Model):
    id = db.Column(db.Integer, primary_key=True)
    username = db.Column(db.String(150), unique=True)
    password = db.Column(db.String(150))

# Initialize the LoginManager
login_manager = LoginManager()
login_manager.init_app(app)

# Define the login_user_loader function
@login_manager.user_loader
def load_user(user_id):
    return User.query.get(int(user_id))

# Define the login endpoint
@app.route("/login", methods=["POST"])
def login():
    username = request.form.get("username")
    password = request.form.get("password")

    user = User.query.filter_by(username=username).first()

    if user and user.password == password:
        login_user(user)
        return redirect(url_for("index"))

# Define a protected page
@app.route("/")
@login_required
def index():
    return render_template("index.html", current_user=current_user)

# Define the logout endpoint
@app.route("/logout")
@login_required
def logout():
    logout_user()
    return redirect(url_for("login"))

if __name__ == "__main__":
    app.run(debug=True)
```

**3. Customizing the authentication process:** Override the user\_loader function to implement a custom authentication process.

```python
from flask_login import LoginManager, UserMixin, login_user, login_required, logout_user, current_user

app = Flask(__name__)

# Initialize the LoginManager
login_manager = LoginManager()
login_manager.init_app(app)

# Define the custom user_loader function
@login_manager.user_loader
def load_user(user_id):
    # Implement your custom authentication logic here
    user = fetch_user_from_database(user_id)
    return user

# Define the login endpoint
@app.route("/login", methods=["POST"])
def login():
    username = request.form.get("username")
    password = request.form.get("password")

    user = load_user(username)

    if user and user.password == password:
        login_user(user)
        return redirect(url_for("index"))

# Define a protected page
@app.route("/")
@login_required
def index():
    return render_template("index.html", current_user=current_user)

# Define the logout endpoint
@app.route("/logout")
@login_required
def logout():
    logout_user()
    return redirect(url_for("login"))

if __name__ == "__main__":
    app.run(debug=True)
```

**4. Using a third-party authentication service:** Integrate with a third-party authentication service such as OAuth or OpenID Connect.

```python
from flask_login import LoginManager, UserMixin, login_user, login_required, logout_user, current_user
from oauthlib.oauth2 import WebApplicationClient

app = Flask(__name__)

# Initialize the LoginManager
login_manager = LoginManager()
login_manager.init_app(app)

# Configure the OAuth client
oauth_client = WebApplicationClient("client_id", "client_secret")

# Define the login endpoint
@app.route("/login")
def login():
    authorization_url, state = oauth_client.prepare_request_uri("https://example.com/oauth2/authorize")

    return redirect(authorization_url)

# Define the callback endpoint
@app.route("/callback")
def callback():
    code = request.args.get("code")
    state = request.args.get("state")

    access_token, expires_in, refresh_token = oauth_client.parse_request_body(request.data)

    user_data = oauth_client.get("https://example.com/api/v1/user").json()

    user = User(user_data["id"], user_data["username"])
    login_user(user)

    return redirect(url_for("index"))

# Define a protected page
@app.route("/")
@login_required
def index():
    return render_template("index.html", current_user=current_user)

# Define the logout endpoint
@app.route("/logout")
@login_required
def logout():
    logout_user()
    return redirect(url_for("login"))

if __name__ == "__main__":
    app.run(debug=True)
```

**5. Protecting specific routes:** Use the login\_required decorator to protect specific routes only for authenticated users.

```python
from flask import Flask, redirect, url_for, render_template
from flask_login import LoginManager, UserMixin, login_user, login_required, logout_user, current_user

app = Flask(__name__)

# Initialize the LoginManager
login_manager = LoginManager()
login_manager.init_app(app)

# Create a custom User class that implements the UserMixin
class User(UserMixin):
    def __init__(self, id, username, password):
        self.id = id
        self.username = username
        self.password = password

# Define the login endpoint
@app.route("/login", methods=["POST"])
def login():
    username = request.form.get("username")
    password = request.form.get("password")

    user = User.query.filter_by(username=username).first()

    if user and user.password == password:
        login_user(user)
        return redirect(url_for("index"))

# Define a protected page
@app.route("/")
@login_required
def index():
    return render_template("index.html", current_user=current_user)

# Define the logout endpoint
@app.route("/logout")
@login_required
def logout():
    logout_user()
    return redirect(url_for("login"))

if __name__ == "__main__":
    app.run(debug=True)
```

**6. Remember me functionality:** Use the remember\_me parameter in login\_user to allow users to remain logged in even after closing the browser.

```python
from flask import Flask, redirect, url_for, render_template
from flask_login import LoginManager, UserMixin, login_user, login_required, logout_user, current_user

app = Flask(__name__)

# Initialize the LoginManager
login_manager = LoginManager()
login_manager.init_app(app)

# Create a custom User class that implements the UserMixin
class User(UserMixin):
    def __init__(self, id, username, password):
        self.id = id
        self.username = username
        self.password = password

# Define the login endpoint
@app.route("/login", methods=["POST"])
def login():
    username = request.form.get("username")
    password = request.form.get("password")
    remember_me = request.form.get("remember_me")

    user = User.query.filter_by(username=username).first()

    if user and user.password == password:
        login_user(user, remember=remember_me)
        return redirect(url_for("index

```