What's the point of the "is_authenticated" method used in Flask-Login?

First of all, is_anonymous() and is_authenticated() are each other's inverse. You could define one as the negation of the other, if you want.

You can use these two methods to determine if a user is logged in.

When nobody is logged in Flask-Login's current_user is set to an AnonymousUser object. This object responds to is_authenticated() and is_active() with False and to is_anonymous() with True.

The is_active() method has another important use. Instead of always returning True like I proposed in the tutorial, you can make it return False for banned or deactivated users and those users will not be allowed to login.

I was baffled by this is_authenticated vs is_anonymous for hours. I could not believe they were just opposite. Finally just by chance I found this old blog post. It is about a problem in the Django templating system in which non existent variables evaluates to False. That could lead to wrong behaviour when testing is_anonymous in the template code. Again that is old so I don't know if it holds. The way they solved the problem was to create is_authenticated.

I guess Flask-Login just copied the model from Django without questioning. Now I can sleep in peace.