Question

I'm using flask-login and this problem occurs.

The log-in function runs as follows:

@api.route('/login', methods=['POST'])
def login():
    if current_user.is_authenticated():
        return jsonify(flag='success')
    username = request.form.get('username')
    password = request.form.get('password')
    if username and password:
        user, authenticated = fsUser.authenticate(username, password)
        if user and authenticated:
            if login_user(user, remember='y'):
                print 'is authenticated: ',current_user.is_authenticated()
                return jsonify(flag='success')

    current_app.logger.debug('login(api) failed, username: %s.' % username)
    return jsonify(flag='fail', msg='Sorry, try again.')

The code is working just fine. It runs normally even up to the return of flag='success'. I have checked and can see that it creates a session. Everything works well except that current_user is still anonymous, so current_user.is_authenticated() still returns fail.

And I got no clue where to check, can anyone help me?

P.S. The user object is fetched from the SQL database by SQLAlchemy. If that may be the source of the problem, I can provide model.py after a bit of modification too.

Edit: My user callback definition:

@login_manager.user_loader
def load_user(id):
    user = cache.get(id)
    if not user:
        user = User.get_by_id(id)
        cache.set(id, user, 20*60)
    return user

I've printed it out to check: the user returned above is correct; it's just that current_user is still the anonymous object, as by default.

The User class:

class User(db.Model, UserMixin):

    __tablename__ = 'my_users'

    id = Column('user_id', db.Integer, primary_key=True)
    level = Column('user_level', db.Integer, nullable=False)
    name = Column('user_name', db.String(255))
    email = Column('user_email', db.String(255), nullable=False, unique=True)


    # ===============================================================
    # Users

    # ================================================================
    # Password
    _password = Column('user_password', db.String, nullable=False)

    def _get_password(self):
        return self._password

    def _set_password(self, password):
        self._password = generate_password_hash(password)
    # Hide password encryption by exposing password field only.
    password = db.synonym('_password',
                          descriptor=property(_get_password,
                                              _set_password))

    def check_password(self, password):
        if self.password is None:
            return False
        return check_password_hash(self.password, password)

    def is_authenticated(self):
        return True

    def is_active(self):
        return True

    def is_anonymous(self):
        return False

    def get_id(self):
        return unicode(self.id)

    def find_user(self):
        return unicode('hahaha@gmail.com')

Solution

I totally forgot about this. It turns out it was actually because we use multiple cache servers, so sometimes a user logged in on one server is not cached on another server. Solved by using Redis Sentinel.
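
The failure mode described in the answer, as an added sketch that is not the poster's code: it assumes the login state is kept in a cache local to each server and that a load balancer alternates requests between two servers. `Worker`, `run` and the server names are hypothetical, and a plain dict stands in for the cache or for Redis.

```python
import itertools
import secrets


class Worker:
    """One app server. `store` maps session id -> user id (server-side state)."""

    def __init__(self, name, store):
        self.name = name
        self.store = store

    def login(self, user_id):
        # Called only after credentials were verified (assumed here).
        sid = secrets.token_urlsafe(16)
        self.store[sid] = user_id
        return sid

    def current_user(self, sid):
        # A miss in this worker's store looks exactly like "not logged in".
        return self.store.get(sid, "anonymous")


def run(workers, requests=4):
    """Round-robin balancer: log in on the first worker, then send requests."""
    balancer = itertools.cycle(workers)
    sid = next(balancer).login("alice")  # constructed sample user id
    return [(w.name, w.current_user(sid))
            for w in itertools.islice(balancer, requests)]


def per_server_caches():
    # Each worker has its own cache: state written on web1 is invisible to web2.
    return run([Worker("web1", {}), Worker("web2", {})])


def shared_store():
    # Both workers use the same backend (stand-in for one shared Redis).
    shared = {}
    return run([Worker("web1", shared), Worker("web2", shared)])


if __name__ == "__main__":
    print("per-server:", per_server_caches())
    print("shared:    ", shared_store())
```

With per-server caches the result depends on which server the request lands on, which is why the symptom appears only "sometimes".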

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow