bull would record their email address and create a unique id for the purchase, then associate the user with the content they purchased.
It worked fantastically well. Whereas before a potential customer had to not only, enter their full name and address (both of which I had no use for), they also had to create an account on my payment processor's site. I'm not sure how many sales I lost due to the convoluted checkout process, but I'm sure it was a good deal. With bull, the time between clicking the "Buy Now" button on the book sales page to actually reading the book was about 10 seconds. Customers loved it.
I loved it too, but for a slightly different reason: since
bull was running on my web server, I could get a much richer set of analytics than if I had to send customers to a third-party site for payment. This opened the door to a host of new possibilities: A/B testing, analytics reports, custom sales reports. I was stoked.
I decided that, at a minimum, I wanted
bull to be able to display a "Sales Overview" page that contained basic sales data: transaction information, graphs of sales over time, etc. To do that (in a secure manner), I needed to add authentication and authorization to my little Flask app. Helpfully, though, I only needed to support a single, "admin" user who was authorized to view
Luckily, as is usually the case, a third-party package already existed to handle this. Flask-login is a Flask extension that enables user authentication. All that's required is a
User model and a few simple functions. Let's take a look at what was required.
bull was already using Flask-sqlalchemy to create
product models which captured the information about a sale and a product, respectively. Flask-login requires a
User model with the following