幫助咱們在HTML中快速生成form標籤,同時還能夠對用戶提交的form請求的數據進行驗證。html
pip3 install wtforms
建立對象:構建form標籤函數
class LoginForm(Form): name = fields.simple.StringField( label="用戶名", validators=[ validators.DataRequired(message="用戶名不能爲空"), ], widget=widgets.TextInput(), render_kw={"placeholder": "請輸入用戶名"} ) password = fields.simple.PasswordField( label="密碼", validators=[ validators.DataRequired(message="密碼不能爲空"), validators.Length(min=8, message='用戶名長度必須大於%(min)d'), validators.Regexp(regex="^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[$@$!%*?&])[A-Za-z\d$@$!%*?&]{8,}", message='密碼至少8個字符,至少1個大寫字母,1個小寫字母,1個數字和1個特殊字符') ], render_kw={"placeholder": "請輸入密碼"} )
實例化對象,進行模板渲染ui
# 實例化 form = LoginForm() # HTML {{ form.name.label }} 獲取label值 {{ form.name }} 獲取input標籤 {{form.name.errors[0]}} 獲取錯誤信息 # 標籤比較多的,能夠循環form {% for foo in form %} <div>{{ foo.label }}:{{ foo }} {{ foo.errors[0] }}</div> {% endfor %}
實例化對象,進行數據驗證url
form = LoginForm(POST提交的數據) if form.validate(): # 知足條件, 獲取數據 data = form.data else: # 有錯誤 errors = form.errors
自定義鉤子函數spa
# validate_字段名 def validate_name(self, field): # 定義本身的驗證 if not field.data.startswith("a"): raise validators.ValidationError("用戶名必須以a開頭")
from wtforms.csrf.core import CSRF from hashlib import md5 class MyCSRF(CSRF): """ Generate a CSRF token based on the user's IP. I am probably not very secure, so don't use me. """ def setup_form(self, form): self.csrf_context = form.meta.csrf_context() self.csrf_secret = form.meta.csrf_secret return super(MyCSRF, self).setup_form(form) def generate_csrf_token(self, csrf_token): gid = self.csrf_secret + self.csrf_context token = md5(gid.encode('utf-8')).hexdigest() return token def validate_csrf_token(self, form, field): print(field.data, field.current_token) if field.data != field.current_token: raise ValueError('Invalid CSRF') class LoginForm(Form): ...... class Meta: csrf = True csrf_field_name = 'csrf_token' csrf_secret = 'sldfjkjdl' csrf_context = lambda x: request.url csrf_class = MyCSRF # html {{ form.csrf_token }}