@Thomas Broyer
i implement the methods according to you but again occur the problem as
below
1)if i login inside the incognito window or private window i see in all
tabs or all windows session id will be same and if login user A then login
user B on same browser then user A is logout automatically and if user C
login then user B automatically logout so private window methodology not
work correctly
2)inside the Firefox containers for multi user ,occur the same problem
means if user A login and then user B login then user A logout
automatically and if i use the different modules of the Firefox containers
means if user A login inside the work window and then ,user B login inside
the shopping window and user C login inside banking window then it work
correctly but if all users login on any one window then previous users
logout automatically and i checked all tabs session id is same so through
this approach again i not achieved my desired output
i provide the code of my flask app so please read and then provide the
suggestion
i want to login all users on same browser on same system at same time
but previous users not logout although user it self logout
code of flask app is below
# Flask-Login Configuration
login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = 'login'
# User model
class User(UserMixin):
def __init__(self,user_id, username, password ,user_type):
self.id=user_id
self.username = username
self.password = password
self.user_type = user_type
def get_id(self):
return str(self.id) # Convert to string if necessary
@login_manager.user_loader
def load_user(user_id):
user_data =collection_user.find_one({'user_type': user_id})
if user_data:
return User(user_id=user_data['user_type'],username=user_data['user_type'],
password=user_data['password'],user_type=user_data['user_type'])
return None
#LOGIN MODULE
# Route for user login
@app.route('/', methods=['GET', 'POST'])
def login():
if request.method == 'POST':
print('inside the login')
user_type = request.form.get('user_type')
email = request.form.get('email')
password = request.form.get('password')
print('value of user type->>>', user_type)
print('value of email->>>', email)
print('value of password->>>', password)
user=collection_user.find_one({'user_type':user_type,'email':email,
'password':password})
print('value of user is->>>',user)
if user:
user_obj=load_user(user_type)
print('value of user_obj is-->>',user_obj)
login_user(user_obj)
return redirect(url_for('dashboard'))
return render_template('login.html', error='Invalid credentials,plz enter
valid id or password')
print('direct out of the if condition')
return render_template('login.html', error=None)
#Dashboard Route
@app.route('/dashboard')
@login_required
def dashboard():
if current_user.is_authenticated:
user_type=current_user.user_type
print('value user_type is-->>',user_type)
if user_type:
print('inside the if condition of user_type')
if user_type == 'admin':
print('inside the admin user')
return redirect(url_for('home_page'))
elif user_type == 'indenter':
print('inside the indenter user')
return redirect(url_for('indenter_dashboard'))
elif user_type == 'purchaser':
print('inside the purchaser user')
return redirect(url_for('purchaser_dashboard'))
elif user_type == 'store':
print('inside the store user')
return redirect(url_for('store_dashboard'))
#Handle if user not found
return redirect(url_for('login'))
# Logout Session
@app.route("/logout")
@login_required
def logout():
#Clear session data for current user
session.clear()
session.pop('user_type',None)
logout_user()
response = make_response(redirect(url_for("login")))
# response.headers['Cache-Control'] = 'no-store, no-cache, must-revalidate,
max-age=0'
# response.headers['Pragma'] = 'no-cache'
# response.headers['Expires'] = '-1'
return response
#Route for home page/admin page
@app.route('/home_page')
@login_required
def home_page():
print('inside the home function')
if current_user.is_authenticated and current_user.user_type== 'admin':
print('inside the home function')
response = make_response(render_template('home_page.html', user_email=
current_user.user_type))
# response.headers['Cache-Control'] = 'no-store, no-cache, must-revalidate,
max-age=0'
# response.headers['Pragma'] = 'no-cache'
# response.headers['Expires'] = '-1'
return response
return redirect(url_for('login'))
# Route for indenter dashboard
@app.route('/indenter_dashboard')
@login_required
def indenter_dashboard():
print('inside the indenter_dashboard function')
if current_user.is_authenticated and current_user.user_type== 'indenter':
print('inside the indenter dashboard function')
response = make_response(render_template('indenter_dashboard.html',
user_email=current_user.user_type))
# response.headers['Cache-Control'] = 'no-store, no-cache, must-revalidate,
max-age=0'
# response.headers['Pragma'] = 'no-cache'
# response.headers['Expires'] = '-1'
return response
return redirect(url_for('login'))
# Route for purchaser dashboard
@app.route('/purchaser_dashboard')
@login_required
def purchaser_dashboard():
print('inside the purchaser_dashboard function')
if current_user.is_authenticated and current_user.user_type== 'purchaser':
print('inside the purchaser dashboard function')
response = make_response(render_template('purchaser_dashboard.html',
user_email=current_user.user_type))
# response.headers['Cache-Control'] = 'no-store, no-cache, must-revalidate,
max-age=0'
# response.headers['Pragma'] = 'no-cache'
# response.headers['Expires'] = '-1'
return response
return redirect(url_for('login'))
# Route for store dashboard
@app.route('/store_dashboard')
@login_required
def store_dashboard():
print('inside the store_dashboard function')
if current_user.is_authenticated and current_user.user_type== 'store':
print('inside the store_dashboard function')
response = make_response(render_template('store_dashboard.html', user_email=
current_user.user_type))
# response.headers['Cache-Control'] = 'no-store, no-cache, must-revalidate,
max-age=0'
# response.headers['Pragma'] = 'no-cache'
# response.headers['Expires'] = '-1'
return response
return redirect(url_for('login'))
On Thursday, April 4, 2024 at 7:52:15 PM UTC+5:30 Thomas Broyer wrote:
> On Thursday, April 4, 2024 at 2:21:36 PM UTC+2 [email protected]
> wrote:
>
> ok, thanks again @Thomas Broyer for provide me the information on session
> and cookies
>
> and also read this below conditions and let me this working is wrong or
> right ......
>
> 1)in current situation in my flask app multiple user login possible but
> browsers also have different means one user login on one browser and if
> users are same on same browser then it works properly but if user is same
> and again same user login then generate new session id inside the cookies
> and this session id also replace in all tabs of the same browser where
> this specific user already login
>
>
> That's right, which is why you'd want your app to somehow detect when it
> loads that a session already exists and can just be reused, rather than
> showing the login screen and forcing the creation of a new session,
> replacing the previous one and possibly impacting other tabs.
>
> 2)i wants to test my flask app in same browser but i wants to different
> user login and if new user login then previous user don't logout
> automatically
>
>
> Use incognito/private mode. In Firefox you can use "containers" to, well,
> containerize, tabs with different sets of cookies:
> https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/
>
>
> so read all above conditions or doubts and then provide me suggestions
> On Thursday, April 4, 2024 at 3:13:20 PM UTC+5:30 Thomas Broyer wrote:
>
> Not sure what more I can say.
>
>
> - "Server-side sessions" use cookies, which are global to the whole
> browser (not per-tab), so if you want per-tab sessions you have to find
> another approach than "server-side sessions"
> - Per-tab sessions are not what most sites/apps do, so users will
> likely not expect it (and most users login with a single account at a time
> anyway, so it's mostly a non-issue). In other words, you want to do
> something that people are not accustomed to. More clearly: don't do it
> (unless you have very, very, very good reasons to)
> - What you should do though (that you probably don't do nowadays,
> which lead you to discover that behavior of your app) is to somehow check,
> when your app loads, whether there's already a session or not (generally,
> make a request to the server to get the user's information –username,
> etc.–
> and handle errors so you display the login form when unauthenticated).
> Opening your app in multiple tabs (after authenticating in one tab)
> shouldn't show you the login form.
>
>
>
> On Thursday, April 4, 2024 at 9:55:24 AM UTC+2 [email protected]
> wrote:
>
> thanks @Thoms Broyer
> can you elaborate more that can help me and clear what you wants to say
>
> On Wednesday, April 3, 2024 at 6:02:06 PM UTC+5:30 Thomas Broyer wrote:
>
> On Wednesday, April 3, 2024 at 1:16:58 PM UTC+2 [email protected]
> wrote:
>
> Hello everyone,
> In my flask application there is some issue related to login system and
> issue as below 1)in flask app there are multiple users(roles) like
> admin ,indentor.....etc. and the problem is that if any user login on same
> browser where already any user logged in then previous user automatically
> logout and recent user logging successfully
> 2)if browser are different and users also different means only one user
> login through one browser then there is no problem it works properly
> 3)if browser is same and user also same then same name user login
> successfully but previous same user session id change
> 4)in any browser with same web page who running on local server all
> tabs session id same inside the cookies it means on same browser all tabs
> session id same for same web application
>
> i current situation i face the issue related to session management ,and
> issue is that only one user login at same time with same browser
>
>
> This is just how the web works.
>
> If you don't want this, then you can't use cookies to maintain your
> session (e.g. generate some access token on the server that you send back
> to the client and have it send it in a header with each request to the
> server; the client could possibly save it in sessionStorage to store the
> token so it survives a page refresh while segregating it to the current tab)
> But note that I believe most users expect that middle-clicking a link (or
> right-click → open in new tab) will preserve their session, and because
> every web app out there shares the session across all tabs they won't even
> try to login with a different user in a different tab (they'll expect that
> their session is "detected" and reused, without seeing a login screen)
>
> Also, BTW, this is not GWT-related (in that, it applies whether you use
> GWT or not).
>
>
--
You received this message because you are subscribed to the Google Groups "GWT
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/google-web-toolkit/1c7c1e48-b3e1-4d02-9f85-70a61aa3a440n%40googlegroups.com.
