Flask安全自定义电子邮件验证程序
我已经设置了Flask安全性,我正在尝试根据数据库中的列表验证电子邮件。 我想保留当前的电子邮件验证程序并添加一个新的 下面是我为扩展注册表而添加的代码。但是我一点也不让它工作,验证器只是被忽略了。 我试过了Flask安全自定义电子邮件验证程序,flask,flask-wtforms,wtforms,flask-security,Flask,Flask Wtforms,Wtforms,Flask Security,我已经设置了Flask安全性,我正在尝试根据数据库中的列表验证电子邮件。 我想保留当前的电子邮件验证程序并添加一个新的 下面是我为扩展注册表而添加的代码。但是我一点也不让它工作,验证器只是被忽略了。 我试过了 将DataRequired更改为InputRequired 从形式到自我的转变 在验证器中添加print语句,但它似乎根本没有运行。它只是被忽视了 将StringField更改为EmailField 我假设您已经安装了email\u validator(在pypi上) 我认为您需要像这
- 将DataRequired更改为InputRequired
- 从形式到自我的转变
- 在验证器中添加print语句,但它似乎根本没有运行。它只是被忽视了
- 将StringField更改为EmailField
我假设您已经安装了
email\u validator
(在pypi
上)
我认为您需要像这样稍微更改代码
from flask_wtf import FlaskForm
from flask_security.forms import RegisterForm
[..]
from wtforms.fields.html5 import EmailField
from wtforms.validators import DataRequired, Email, ..
# @see https://pythonhosted.org/Flask-Security/customizing.html#forms
class ExtendedRegisterForm(RegisterForm):
# email = StringField('Email', validators=[DataRequired()])
email = EmailField('Email', validators=[DataRequired(), Email()])
# def validate_email(form, field):
def validate_email(self, field):
# extract the domain from email
domain = field.data.split('@')[1]
# regdomains = db.session.query(Company.id, Company.domain).filter(Company.domain != None).all()
# for row in regdomains:
# valid = (row.domain).find(domain)
# if valid != -1:
# validated = True
# else:
# continue
# if validated is not True:
# raise ValidationError('Email address must be from an authorized domain')
# check against database if any "company" is registered with the given "domain" else raise an Exception
registred_company = Company.query.filter_by(domain=domain).first()
if registred_company is None:
# the "company" is not registered thus not authorized
# then the given "email" is not validated
raise ValidationError('Email address must be from an authorised domain')
flask-security
将flask-wtf
(取决于wtforms
)作为依赖项,因此它通过关于字段的继承机制和验证{field}(self,field)
函数来验证表单字段
请参阅:我假设您已经安装了电子邮件验证程序
(在pypi
)
我认为您需要像这样稍微更改代码
from flask_wtf import FlaskForm
from flask_security.forms import RegisterForm
[..]
from wtforms.fields.html5 import EmailField
from wtforms.validators import DataRequired, Email, ..
# @see https://pythonhosted.org/Flask-Security/customizing.html#forms
class ExtendedRegisterForm(RegisterForm):
# email = StringField('Email', validators=[DataRequired()])
email = EmailField('Email', validators=[DataRequired(), Email()])
# def validate_email(form, field):
def validate_email(self, field):
# extract the domain from email
domain = field.data.split('@')[1]
# regdomains = db.session.query(Company.id, Company.domain).filter(Company.domain != None).all()
# for row in regdomains:
# valid = (row.domain).find(domain)
# if valid != -1:
# validated = True
# else:
# continue
# if validated is not True:
# raise ValidationError('Email address must be from an authorized domain')
# check against database if any "company" is registered with the given "domain" else raise an Exception
registred_company = Company.query.filter_by(domain=domain).first()
if registred_company is None:
# the "company" is not registered thus not authorized
# then the given "email" is not validated
raise ValidationError('Email address must be from an authorised domain')
flask-security
将flask-wtf
(取决于wtforms
)作为依赖项,因此它通过关于字段的继承机制和验证{field}(self,field)
函数来验证表单字段
请参阅:覆盖注册表执行验证(自)
方法。您可以在forLoginForm
中看到此技术的示例
例如:
class ExtendedRegisterForm(RegisterForm):
def validate(self):
# Perform the default validation
if not super(ExtendedRegisterForm, self).validate():
return False
# check against database if any "company" is registered with the given "domain" else raise an Exception
# extract the domain from email
domain = self.email.data.split('@')[1]
registered_company = Company.query.filter_by(domain=domain).first()
if registered_company is None:
# the "company" is not registered thus not authorized
# then the given "email" is not validated
# append error message to the email field
self.email.errors.append("Company is not registered")
return False
# all good
return True
覆盖注册表执行
验证(自)
方法。您可以在forLoginForm
中看到此技术的示例
例如:
class ExtendedRegisterForm(RegisterForm):
def validate(self):
# Perform the default validation
if not super(ExtendedRegisterForm, self).validate():
return False
# check against database if any "company" is registered with the given "domain" else raise an Exception
# extract the domain from email
domain = self.email.data.split('@')[1]
registered_company = Company.query.filter_by(domain=domain).first()
if registered_company is None:
# the "company" is not registered thus not authorized
# then the given "email" is not validated
# append error message to the email field
self.email.errors.append("Company is not registered")
return False
# all good
return True
您是否启用了安全性确认功能?如果是这样,那么注册端点将使用confirmRegisterPerform..您是否启用了安全性\u CONFIRMABLE?如果是这样,那么注册端点将使用confirmRegisterPerform..嗨,Cizario,谢谢您回复我。我也尝试过电子邮件字段和电子邮件验证程序。不幸的是,这只会检查它是否是有效的电子邮件。目标是只有在我的数据库中注册的电子邮件域才能注册。因此,我尝试了这个自定义验证器-不幸的是,我似乎没有接到电话。我拼错了def validate\u email(self,email)
应该是def validate\u email(self,field)
,我更新了我的答案。现在,validate{field}()
函数的目的是用任何符合您需要的逻辑来验证您的{field},您的问题似乎出现在该函数的主体代码中。我想你必须回顾一下查询
@SebastienBruggeman我更新的答案解决了你的问题吗?嗨,cizario,不幸的是没有:(,嗨,Cizario,谢谢你回复我。我也尝试了电子邮件字段和电子邮件验证程序。不幸的是,这只会检查它是否是有效的电子邮件。目标是只有在我的数据库中注册的电子邮件域才能注册。因此,我尝试了这个自定义验证程序-不幸的是,我似乎没有被调用。我拼错了def验证电子邮件(self,email)
应该是def validate\u email(self,field)
我更新了我的答案。现在validate{field}()
函数的目的是验证你的{field}无论什么逻辑符合您的需求,您的问题似乎都存在于该函数的主体代码中。我想您必须查看查询@SebastienBruggeman我更新的答案是否解决了您的问题?嗨,cizario,很遗憾,没有:(,我做到了!不幸的是,我决定放弃Flask安全性,自己使用教程编写电子邮件确认。这完成了工作。我还发现Flask安全性不再得到维护,现在也是Flask安全性。我做到了!不幸的是,我决定放弃Flask安全性,自己使用教程编写电子邮件确认。我还发现,烧瓶安全性不再得到维护,现在也是烧瓶安全性。谢谢!如果我也搬回烧瓶安全性(?)我可能会给它一个镜头谢谢!如果我也搬回烧瓶安全性(?)我可能会给它一个镜头