wtforms做表单验证
简介
WTForms是一个支持多个python web框架的form组件,主要用于对用户请求数据进行验证。
安装:
pip3 install wtforms
用户登录注册示例
1.用户登录
from flask import Blueprint, render_template, request, session, redirect
from uuid import uuid4 from ..utils.sql import SQLHelper account = Blueprint('account', __name__) from wtforms import Form from wtforms.fields import simple, core, html5 from wtforms import validators from wtforms import widgets class LoginForm(Form): user = simple.StringField( validators=[ validators.DataRequired(message='用户名不能为空.'), # validators.Length(min=6, max=18, message='用户名长度必须大于%(min)d且小于%(max)d') ], widget=widgets.TextInput(), render_kw={'class': 'form-control'} ) pwd = simple.PasswordField( validators=[ validators.DataRequired(message='密码不能为空.'), # validators.Length(min=8, message='用户名长度必须大于%(min)d'), # validators.Regexp(regex="^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[$@$!%*?&])[A-Za-z\d$@$!%*?&]{8,}", # message='密码至少8个字符,至少1个大写字母,1个小写字母,1个数字和1个特殊字符') ], widget=widgets.PasswordInput(), render_kw={'class': 'form-control'} ) @account.route('/login', methods=['GET', 'POST']) def login(): if request.method == 'GET': form = LoginForm() return render_template('login.html', form=form) form = LoginForm(formdata=request.form) if not form.validate(): return render_template('login.html', form=form) # 正确的数据: {'user': 'dsa', 'pwd': 'dsa'}是一个字典
这里用到了数据库连接池DbUtils,请参照:https://www.cnblogs.com/muguangrui/articles/13762336.html obj = SQLHelper.fetch_one('select * from users where name=%(user)s and pwd=%(pwd)s', form.data) if obj: uid = str(uuid4()) session.permanent = True session['user_info'] = {'id': uid, 'name': obj['name']} return redirect('/index') else: return render_template('login.html', msg='用户名或密码错误', form=form)
login.html:
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> <h3>用户登录</h3> <form method="post"> {{ form.user }} {{ form.user.errors[0] }} {{ form.pwd }}{{ form.pwd.errors[0] }} <input type="submit" value="提交"> {{ msg }} </form> </body> </html>
2. 用户注册
class SimpleForm(Form): name = simple.StringField( label='用户名', validators=[ validators.DataRequired() ], widget=widgets.TextInput(), render_kw={'class': 'form-control'}, default='alex' ) pwd = simple.PasswordField( label='密码', validators=[ validators.DataRequired(message='密码不能为空.') ], widget=widgets.PasswordInput(), render_kw={'class': 'form-control'} ) pwd_confirm = simple.PasswordField( label='重复密码', validators=[ validators.DataRequired(message='重复密码不能为空.'), validators.EqualTo('pwd', message="两次密码输入不一致") ], widget=widgets.PasswordInput(), render_kw={'class': 'form-control'} ) @account.route('/register', methods=['GET', 'POST']) def register(): if request.method == 'GET': form = RegisterForm() return render_template('register.html', form=form) form = RegisterForm(formdata=request.form) if form.validate(): print(form.data) obj = SQLHelper.insert_one('insert into users(name,pwd) values(%(name)s,%(pwd)s);', form.data) else: return render_template('register.html', form=form) return "注册成功"
register.html:
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> <form method="post"> {% for item in form %} <p>{{ item.label }}: {{ item }} {{item.errors[0] }}</p> {% endfor %} <input type="submit" value="提交"> </form> </body> </html>
我们再看一下其他字段类型:
class RegisterForm(Form): name = simple.StringField( label='用户名', validators=[ validators.DataRequired() ], widget=widgets.TextInput(), render_kw={'class': 'form-control'}, default='alex' ) pwd = simple.PasswordField( label='密码', validators=[ validators.DataRequired(message='密码不能为空.') ], widget=widgets.PasswordInput(), render_kw={'class': 'form-control'} ) pwd_confirm = simple.PasswordField( label='重复密码', validators=[ validators.DataRequired(message='重复密码不能为空.'), validators.EqualTo('pwd', message="两次密码输入不一致") ], widget=widgets.PasswordInput(), render_kw={'class': 'form-control'} ) email = html5.EmailField( label='邮箱', validators=[ validators.DataRequired(message='邮箱不能为空.'), validators.Email(message='邮箱格式错误'), # pip3 install email_validator 可能会提示安装这个模块 ], widget=widgets.TextInput(input_type='email'), render_kw={'class': 'form-control'} ) gender = core.RadioField( label='性别', choices=( (1, '男'), (2, '女'), ), coerce=int ) city = core.SelectField( label='城市', choices=SQLHelper.fetch_all('select id,name from city', {}, None), # 需要去数据库取得字段 # choices=( # (1, '北京'), # (2, '成都'), # ), coerce=int ) hobby = core.SelectMultipleField( label='爱好', choices=( (1, '篮球'), (2, '足球'), ), coerce=int ) favor = core.SelectMultipleField( label='喜好', choices=( (1, '篮球'), (2, '足球'), ), widget=widgets.ListWidget(prefix_label=False), option_widget=widgets.CheckboxInput(), coerce=int, default=[1, 2] ) def __init__(self, *args, **kwargs): super(RegisterForm, self).__init__(*args, **kwargs) self.city.choices = SQLHelper.fetch_all('select id,name from city', {}, None) # 当页面刷新时,重新去数据库中获取字段,避免数据库更新了,页面不刷新的情况。
def validate_name(self, field): """ 自定义pwd_confirm字段规则,例:与pwd字段是否一致 :param field: :return: """ # 最开始初始化时,self.data中已经有所有的值 # print(field.data) # 当前name传过来的值 # print(self.data) # 当前传过来的所有的值:name,gender..... obj = SQLHelper.fetch_one('select id from users where name=%s', [field.data, ]) if obj: raise validators.ValidationError("用户名已经存在") # 继续后续验证 # raise validators.StopValidation("用户名已经存在") # 不再继续后续验证
