My app implements a shopping cart in which anonymous users can fill their cart with products. User Login is required only before payment. How can this be implemented?
The main challenge is that flask must keep track of the user (even if anonymous) and their orders. My current approach is to leverage the AnonymousUserMixin
object that is assigned to current_user
. The assumption is that current_user
will not change throughout the session. However, I noticed that a new AnonymousUserMixin
object is assigned to current_user
, for example, upon every browser page refresh. Notice that this does not happen if a user is authenticated.
Any suggestions on how to circumvent this?
There is no need for a custom AnonymousUserMixin
, you can keep the shopping cart data in session:
You can use a AnonymousUserMixin
subclass if you like, but you need to add some logic to it so that you can associate each anonymous user with a cart stored in your database.
This is what you can do:
When a new user connects to your application you assign a randomly generated unique id. You can write this random id to the user session (if you want the cart to be dropped when the user closes the browser window) or to a long-lived cookie (if you want the cart to be remembered even after closing the browser). You can use Flask-Login for managing the session/cookie actually, you don't have to treat unknown users as anonymous, as soon as you assign an id to them you can treat them as logged in users.
How do you know if an anonymous user is known or new? When the user connects you check if the session or cookie exist, and look for the id there. If an id is found, then you can locate the cart for the user. If you use a subclass of AnonymousUserMixin
, then you can add the id as a member variable, so that you can do current_user.id
even for anonymous users. You can have this logic in the Flask-Login user loader callback.
When the user is ready to pay you convert the anonymous user to a registered user, preserving the id.
If you have a cron job that routinely cleans up old/abandoned anonymous carts from the database, you may find that an old anonymous user connects and provides a user id that does not have a cart in the database (because the cart was deemed stale and deleted). You can handle this by creating a brand new cart for the same id, and you can even notify the user that the contents of the cart expired and were removed.
Hope this helps!
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With