So I was doing this challenge here.
In that lesson, it shows how to log a specific user in (TheCodeLearner) but what if I have lots of accounts in my database? How do I make it so that any user that has signed up log in?
I guess that lesson wasn’t really complete if you know what I mean.
Please help me the best you can.
In that exercise, you’re comparing the credentials for a hard-coded user - keeping the code simple while you’re learning.
In a real environment where you have multiple users, you’d be storing their details in a database somewhere. So, you’d adapt the programming pattern to compare whatever the user entered into the form against the records you held in the database.
(I haven’t done the Flask material, or ever really used Flask myself, so I don’t know if working with databases in Flask comes up further down the line.)
Looking at the course overview/syllabus (hope the link works):
the 5th section seems to introduce databases:
SQL and Databases for Back-End Web Apps — Learn how to store and access data in databases using SQL and Python.
and the 6th section seems to combine the login you learn now with databases:
Advanced Flask Functionality — Discover how to add personalized experiences and security to your web applications with accounts and authentication.
so then you have a more real world experience of an authentication system.
Yes, I know how to store data in databases using SQLAlchemy, but I was wondering how to log a user in that already has a place in the database. Do I use something like
User.query.all() and loop through it?
If you want poor performance for you app, then yes. Databases can do the filtering for us. This way, we don’t have to retrieve all the data.
You can jump ahead in the course if you want? Otherwise there are tutorials like this one, which could help.
Authentication uses sessions, these are stored on the users computer, so when a user makes a request, you know which authenticated user is making the request
Thanks, I’ll look into this.
Its also important to understand the flow of authentication. Take this website for example
You are currently viewing this website in your browser. When someone on this forum post a reply, a request is made to codecademy server (to store tge reply). The server needs to know as which user you are logged in. So a piece of information (lets call it a token) is send along with the request, so the back-end knows who you are.
so when you logged into this website/forum, a piece of information (cookie) was stored on your computer.
Retrieving the user from the database, is only a small part of authentication. You might want to follow along with the course till you get there. Otherwise the amount of information might be overwhelming