Flask authentication with Flask-Security

Question

Trying to enable login in flask with flask-security. The following code works fine (I import in __init__.py)

from flask import Blueprint, render_template, request, redirect, url_for
from coursly import app
from coursly.models import *
from flask.ext.security import Security, LoginForm, SQLAlchemyUserDatastore

user_datastore = SQLAlchemyUserDatastore(db, user.User, user.Role)
Security(app, user_datastore)

user = Blueprint('user', __name__)

@user.route('/')
def index():
    return redirect(url_for("user.login"))

@user.route('/login', methods=['GET', 'POST'])
def login():
    return render_template('user/login.html', content='Login Page', action=url_for('auth.authenticate'), form=LoginForm())

If, however, I change user = Blueprint('user', __name__) to user = Blueprint('user', __name__, url_prefix='/blah') it fails with a werkzeug.routing.BuildError BuildError: ('auth.authenticate', {}, None). url_for is the problem, however, I don't understand why. HALP!

Answer 1

Figured it out. Turns out Flask-security already has /login /logout built in and my login function was largely ignored. It wasn't used during normal app execution. Except url_for was still processed hence the BuildError.

I was trying to use an outdated example from https://github.com/dracule/FlaskBootstrapSecurity and it was a fail. Flask-Security was updated 3 mo ago. The action param should be updated to action=url_for('security.login') and it will work.

TL;DR adding a url_prefix will not use Flask-Security's built in /login /logout and a lot of vars were renamed