我正在尝试为我的iOS移动应用程序构建一组API。在

我使用Flask-RESTful' to build RESTful type of interfaces andFlask login`帮助我处理用户登录问题。在

但是，我发现，当我使用curl登录时，服务器确实会返回成功消息，而我则会发送一个请求来获取只有登录的用户才能看到和获取的“受保护”页面

{ "message": "The server could not verify that you are authorized to access the URL requested. You either supplied the wrong credentials (e.g. a bad password), or your browser doesn't understand how to supply the credentials required." }

如果curl不发送一些“用户凭据”，这是否意味着当我的iOS应用程序发送请求时，后端仍然无法识别该用户？在

我不太明白Flask是如何处理“session”的，而且我是web开发新手。有什么解决办法吗？在

这是我的代码：

api.py

# -*- coding: utf-8 -*-

import flask_login, json
from flask import request
from flask_restful import Resource, reqparse
from models import users, User

parser = reqparse.RequestParser()


def request_parser():
    parser.add_argument('data', action='append')
    return parser.parse_args()['data'][0]


class Login(Resource):
    def get(self):
        return

    def post(self):
        # data = request_parser()
        data = request.json['data']
        email = data['email']
        test = users[email]
        if data['pw'] == users[email]['pw']:
            user = User()
            user.id = email
            flask_login.login_user(user)
            return 'login success'

        return 'Bad login'



class Protected(Resource):
    @flask_login.login_required
    def get(self):
        return 'Logged in as: ' + flask_login.current_user.id

models.py

__init__.py

# -*- coding: utf-8 -*-

from flask import Flask
from flask_restful import Resource, Api
from flask_sqlalchemy import SQLAlchemy

import flask_login
import config

app = Flask(__name__)
app.config.from_object("config")
app.secret_key = 'yangjinglei'

api = Api(app)

login_manager = flask_login.LoginManager()
login_manager.init_app(app)

db = SQLAlchemy(app, use_native_unicode="utf8")

run.py

# -*- coding: utf-8 -*-

from app import app, api
from app.api import *


api.add_resource(Login, '/login')
api.add_resource(Protected, '/protected')

if __name__ == '__main__':
    app.run(debug=True)