How to use Flask-WTF to implement form validation
Flask-WTF is a Flask extension for handling web form validation. It provides a concise and flexible way to validate user-submitted data. This article will show you how to use the Flask-WTF extension to implement form validation.
To use Flask-WTF, you first need to install it. You can use the pip command to install:
pip install Flask-WTF
To use Flask-WTF in a Flask application, you need to import some modules. Add the following import statement in the app.py file:
from flask import Flask, render_template, request from flask_wtf import FlaskForm from wtforms import StringField, PasswordField, SubmitField from wtforms.validators import DataRequired, Length
The modules imported here include Flask, FlaskForm and some commonly used fields and validators.
In the app.py file, create a form class that inherits from FlaskForm. Each form field is defined as a property of the class, and validators to be applied can be specified via the validators parameter. For example, the following is a simple login form class:
class LoginForm(FlaskForm): username = StringField('用户名', validators=[DataRequired(), Length(min=4, max=20)]) password = PasswordField('密码', validators=[DataRequired()]) submit = SubmitField('登录')
This form class contains a username field, a password field, and a submit button.
Create a Flask application and use the form in the routing function. For example:
app = Flask(__name__) app.secret_key = 'your-secret-key' @app.route('/login', methods=['GET', 'POST']) def login(): form = LoginForm() if form.validate_on_submit(): # 表单验证通过 # 执行登录逻辑 return '登录成功' return render_template('login.html', form=form) if __name__ == '__main__': app.run()
In this example, we create a /login route to display the login form. When the user submits the form, the validate_on_submit() method is called for verification. If the verification passes, the login logic can be executed; otherwise, the form page will be re-rendered and the verification error message will be displayed.
Create a template file named login.html in the templates folder to display the login form. You can use the form attribute provided by Flask-WTF to generate form HTML code and validation error information. For example:
<!DOCTYPE html> <html> <head> <title>登录</title> </head> <body> <h1>登录</h1> <form method="POST" action="{{ url_for('login') }}"> {{ form.csrf_token }} {{ form.username.label }} {{ form.username }} {% for error in form.username.errors %} <span style="color: red;">{{ error }}</span> {% endfor %} <br> {{ form.password.label }} {{ form.password }} {% for error in form.password.errors %} <span style="color: red;">{{ error }}</span> {% endfor %} <br> {{ form.submit }} </form> </body> </html>
In this template file, use form.csrf_token to generate cross-site request forgery protection fields. Through the form field and form.errors properties, form fields and validation error messages can be generated respectively.
Use the following command to run the application:
python app.py
Visit http://localhost:5000/login in the browser. See the login page. Enter the username and password and click the submit button. You can see that the form data is verified and processed accordingly based on the verification results.
The above are the basic steps for using Flask-WTF to implement form verification. Through this method, the data submitted by users can be easily verified to ensure its legality and security. Not only that, Flask-WTF also provides other rich features, such as file upload, multi-language support, etc. I hope this article can help you and enable you to better use Flask-WTF to handle form validation.
The above is the detailed content of How to use Flask-WTF to implement form validation. For more information, please follow other related articles on the PHP Chinese website!