表单扩展 Flask-WTF
文档: https://flask-wtf.readthedocs.io/en/stable/
安装
pip install Flask-WTF
可以进行csrf验证
代码示例
1、定义模型类 视图使用
from flask import (
Flask,
render_template,
session,
url_for,
redirect
)
from flask_wtf import FlaskForm
from wtforms import StringField, SubmitField, PasswordField
from wtforms.validators import DataRequired, EqualTo
app = Flask(__name__)
app.secret_key = "1231safdasdf"
class RegisterForm(FlaskForm):
# 标签 验证器
user_name = StringField(label="用户名", validators=[DataRequired("用户名不能为空")])
password = PasswordField(label="密码", validators=[DataRequired("密码不能为空")])
re_password = PasswordField(label="密码", validators=[DataRequired("密码不能为空"),
EqualTo("password", "两次密码不一致")])
submit = SubmitField(label="提交")
@app.route("/register", methods=["GET", "POST"])
def register():
# 如果是POST提交,前端数据会放到form对象中
form = RegisterForm()
# 验证数据,验证合格后再进行操作
if form.validate_on_submit():
username = form.user_name.data
pwd = form.password.data
re_pwd = form.re_password.data
session["user_name"] = username
return redirect(url_for("index"))
return render_template("register.html", form=form)
@app.route("/")
def index():
username = session.get("user_name")
return "注册成功:username: {}".format(username)
if __name__ == '__main__':
app.run()
2、模板使用
<form action="" method="POST">
{{ form.csrf_token }}
{{ form.user_name.label }}
<p>{{ form.user_name }}</p>
{% for msg in form.user_name.errors %}
<p>{{ msg }}</p>
{% endfor %}
{{ form.password.label }}
<p>{{ form.password }}</p>
{% for msg in form.password.errors %}
<p>{{ msg }}</p>
{% endfor %}
{{ form.re_password.label }}
<p>{{ form.re_password }}</p>
{% for msg in form.re_password.errors %}
<p>{{ msg }}</p>
{% endfor %}
{{ form.submit }}
</form>
渲染效果
