Learn
We’ve all experienced a time when we thought we were logged into a site and tried to access a protected page. Some sites handle this better than others, by letting the user know that the requested page is only for authenticated users.
When our user tries to access protected pages without logging in or encounters an error upon login, its best we communicate this somehow to the user.
We can catch authorization issues by adding a new route or endpoint with the @login_manager.unauthorized_handler
decorator:
@login_manager.unauthorized_handler def unauthorized(): # do stuff return "Sorry you must be logged in to view this page"
- the
@login_manager.unauthorized_handler
decorator ensures that any time there is an authorization issue, theunauthorized()
route is called - the message in the
return
statement is HTML that is served to non-authenticated users. We can replace this with a template that users who fail to login see.
Instructions
1.
Use the @login_manager.unauthorized_handler
decorator to handle access errors.
Sign up to start coding
By signing up for Codecademy, you agree to Codecademy's Terms of Service & Privacy Policy.