dashboard + dynamic user variables

by: kingfitz, 8 years ago

Last edited: 8 years ago

hey, just had a quick question regarding the basic login system we created in flask tutorial.  i built a simple user dashboard with sidebar layout, with login required access.  i was able to get username variable come through for the session because it was defined in the register function.  also wanted to add the email and createdOn timestamp{{ session.get('createdOn') }}?  but how would i interact with the db column here?  ({{ session.get('email') }} only worked on registration since I put a variable there but after relogging in it displays None.  seems like i need a variable for email on login page. hmm)

my sql table is : uid, username, email, password, settings, tracking, createdOn

<hr> <h4> Account username: </h4>  {{ session.get('username') }}
<hr> <h4> Email Address: </h4>   {{ session.get('email') }}
<hr>  <h4> <a href="/changepw/">   Change Password  </a> </h4>
<hr> <h4> Account created on: </h4>   {{ }}

also wondering if you know a working change password/email or in that case an email confirmation function for the register process, because they would both be similar.

these are basic beginnings of a user dashboard, but later I want to have more dynamic functions, like personalized project data, project status and forms for the user to submit content.  beyond that i need an admin user to manage and view these users and their data, but thats a different rats nest entirely.  ill look into flask admin.

heres my register login and dashboard system in its entirety if it helps for quick reference

https://dpaste.de/mAVg

eventually i want to revamp my app to an mvc-like organizational pattern and look at tying some flask extensions together like flask admin, flask login, flask security, flask sql alchemy, etc.  was wondering what your thoughts are about this for a more professional flask app, as opposed to the basic one we built all in one init.py file.  ok done rambling thanks again bro



You must be logged in to post. Please login or register an account.



For email confirmation, you just have a randomly generated token that is assigned to an email, and you can store it in a table. Usually this token is good forever as long as someone uses it, since all it does is validate an email, but you can also put a 48 hour limit or something on it. Just save the time that the token was generated.

For password resetting, I generate a token, associated with that specific user, and it's good for 5 minutes. Again, I save it to a table in the database, the username, and the time that it was created.

I then email the person with the token.

When someone clicks the link with that token, they fill in their username or email, and a new password. This way, someone has to know the username AND the token...so it's a little different than email confirmation, but both use tokens...it's just that a password reset needs to be a bit more secure.

I am not totally certain I am following your issue with created/email, but it seems like you're just wanting to grab the created on dates for users. You can just pull that data and save to the session on login and/or registration. You set these in the python script, treating it like a dictionary is fine, so you can do something like

session['created'] = CREATED_DATE


...doing that on login. Then you can always just reference session elements with
session['YOUR_ELEMENT']


As for mixing together flask extensions....meh. I don't, but it's not a bad idea or anything. This entire website is all within a single file, and I use basically no extensions. People ask me what I used for these forums, or for handling payments, or for CMS....etc... I just build my own, because I enjoy doing it.

Writing your own forums/cms/whatever is more prone for problems, but I like it for the customization. I couldn't find a forum for example that was stupid simple like this one is, and I prefer it.

That said, these forums, and basically everything on this site, are more prone to errors and bugs. It's not as widely tested as the major Flask extensions, so it can be easily argued that it's stupid to build your own systems. I just personally enjoy doing it, so I do...and I personally hate using other people's systems, since I always want something pretty darn specific, and it's never exactly what I want.


-Harrison 8 years ago
Last edited 8 years ago

You must be logged in to post. Please login or register an account.