Session did not persist when using blueprints

[magloiretouh]

Hi All,

@login_required is causing 401 unauthorized error for other blueprints in my app. different session is generated for each blueprint.

Find below the session create in user blueprint after login and the one create in another blueprint.
<FileSystemSession {'_permanent': True, '_user_id': '1', '_fresh': True, '_id': 'cccb4b6f7b79524eb989863282335583c7824ccff9039198aba43a5b82216121a6338417c7861a869007264c37311e2263718cf7668fb68f60e25592c2ddce16'}>

<FileSystemSession` {'_permanent': True}>

Login blueprint and code

`user_bp = Blueprint("user", name)

@user_bp.route('/login', methods=['POST'])
def login():
data = request.form

user = User.query.filter_by(username=data.get('username')).first()

if (user and user.check_password(data.get('password')) and data.get('password')==default_password):
    return jsonify({"message": "Redirect To Change Password !"}), 303
elif (user and user.check_password(data.get('password'))):
    login_user(user)
    return jsonify({"message": "Login successfully"}), 200
else:
    return jsonify({"error": "Invalid username or password."}), 404

`

Other blueprint

`fund_request_bp = Blueprint("fund_request", name, url_prefix="/fund_requests")

@fund_request_bp.route("/", methods=["GET"])
@login_required
def get_all_fund_request():
fund_requests = FundRequest.query.filter_by(approval_level=current_user.user_level.level)

if fund_requests.first() is None:
    return jsonify({"message": "No Funds request found."}), 200

fund_requests_serialized = [fund_request.serialize() for fund_request in fund_requests]

return jsonify(fund_requests_serialized), 200

`

App config

app = Flask(__name__) app.config['SECRET_KEY'] = 'some_secret_key' app.config['SESSION_TYPE'] = 'filesystem' app.config['SESSION_COOKIE_PATH'] = '/' login_manager = LoginManager(app) CORS(app, supports_credentials=True) Session(app)

Ps: I used postman for tests and did not get any issue

Can Flask_login works with blueprints ? if yes, what is the standard way to do it

[magloiretouh]

I find the solution, we need to add credentials: 'include' to every request done with fetch in js. I did not add it to the login request.

fetch( '/login',{ method: 'POST', body: data, credentials: 'include' },) .then(response=> { console.log(response.status); }) .catch (err => { console.log(err.message); });