Python 烧瓶wtf表格属性错误:';请求';对象没有属性';邮政';
我刚开始用Flask编码,我想在我的应用程序中的一个小表单上设置CSRF。我将遵循这一点,以实现基于会话的实现。我在网上浏览了一会儿,想找到一个类似问题的解决方案,但没有成功,如果这是一个重复的问题,我深表歉意 此代码有问题: 当我在虚拟环境中运行它时,我得到了AttributeError:“Request”对象没有属性“POST”- 目标:在wtform实例上实施csrf 环境:wtf版本2.02,flask 0.10,带python 2.7的venv fci_form.pyPython 烧瓶wtf表格属性错误:';请求';对象没有属性';邮政';,python,flask,flask-wtforms,wtforms,Python,Flask,Flask Wtforms,Wtforms,我刚开始用Flask编码,我想在我的应用程序中的一个小表单上设置CSRF。我将遵循这一点,以实现基于会话的实现。我在网上浏览了一会儿,想找到一个类似问题的解决方案,但没有成功,如果这是一个重复的问题,我深表歉意 此代码有问题: 当我在虚拟环境中运行它时,我得到了AttributeError:“Request”对象没有属性“POST”- 目标:在wtform实例上实施csrf 环境:wtf版本2.02,flask 0.10,带python 2.7的venv fci_form.py from fla
from flask import session, request
from flask.ext.wtf import Form
from wtforms import TextField, validators, SubmitField
from wtforms.validators import Required, Length
from wtforms.csrf.session import SessionCSRF
from datetime import timedelta
import config # my config file
# create super class
class MyForm(Form):
class Meta:
csrf = True
csrf_class = SessionCSRF
csrf_secret = config.secret_key
csrf_time_limit = timedelta(minutes=20)
@property
def csrf_context(self):
return request.session
# create a class for the form
class postcodeInput(MyForm):
postcode = TextField('postcode',[validators.Required(message=(u"Where is your postcode?")),validators.Length(min=2, max=10)])
submit = SubmitField('Submit')
from flask import Flask, render_template, request, __version__, url_for, session, abort, flash, redirect
# importing the class called postcode_input
from fci_form import postcodeInput
import config
import fciUtils
#pdb.set_trace()
app = Flask(__name__)
app.debug = True
# Views of the app
@app.route('/')
def index():
return render_template('home.html')
@app.route('/fci', methods=['GET', 'POST'])
def fci_form():
error = None
form = postcodeInput(request.POST, meta={'csrf_context': request.session})
if form.validate_on_submit():
# handle user input
postcode = request.form['postcode']
# calculate fci
result = fciUtils.fciReturn(postcode)
return render_template('fci_form.html',form = form, result = result)
elif request.method == 'GET':
return render_template('fci_form.html', form = form)
else:
error = 'Enter a valid postcode'
return render_template('fci_form.html', form=form, error=error)
if __name__ == '__main__':
app.secret_key = config.secret_key
app.run(threaded=True)
视图.py
from flask import session, request
from flask.ext.wtf import Form
from wtforms import TextField, validators, SubmitField
from wtforms.validators import Required, Length
from wtforms.csrf.session import SessionCSRF
from datetime import timedelta
import config # my config file
# create super class
class MyForm(Form):
class Meta:
csrf = True
csrf_class = SessionCSRF
csrf_secret = config.secret_key
csrf_time_limit = timedelta(minutes=20)
@property
def csrf_context(self):
return request.session
# create a class for the form
class postcodeInput(MyForm):
postcode = TextField('postcode',[validators.Required(message=(u"Where is your postcode?")),validators.Length(min=2, max=10)])
submit = SubmitField('Submit')
from flask import Flask, render_template, request, __version__, url_for, session, abort, flash, redirect
# importing the class called postcode_input
from fci_form import postcodeInput
import config
import fciUtils
#pdb.set_trace()
app = Flask(__name__)
app.debug = True
# Views of the app
@app.route('/')
def index():
return render_template('home.html')
@app.route('/fci', methods=['GET', 'POST'])
def fci_form():
error = None
form = postcodeInput(request.POST, meta={'csrf_context': request.session})
if form.validate_on_submit():
# handle user input
postcode = request.form['postcode']
# calculate fci
result = fciUtils.fciReturn(postcode)
return render_template('fci_form.html',form = form, result = result)
elif request.method == 'GET':
return render_template('fci_form.html', form = form)
else:
error = 'Enter a valid postcode'
return render_template('fci_form.html', form=form, error=error)
if __name__ == '__main__':
app.secret_key = config.secret_key
app.run(threaded=True)
模板位于/templates文件夹中的fci_form.html
{% extends 'layout.html' %}
{% block form %}
<section>
<header><h1>...</h1><br></header>
<form action="{{ url_for('fci_form')}}" method='POST'>
<p>Enter your London postcode:</p>
<section>
{% if error %}
<p class="error"><strong>Error: </strong>{{error}}</p>
{% endif %}
{{form.csrf_token}}
{{form.postcode}}
{{form.submit(class_="pure-button")}}
</section>
</form>
</section>
{% endblock %}
{% block result %}
<section>
<h4>{{result}}</h4>
</section>
{% endblock %}
{%extends'layout.html%}
{%block form%}
…
输入您的伦敦邮政编码:
{%if错误%}
错误:{{error}
{%endif%}
{form.csrf_token}
{{form.postcode}
{{form.submit(class=“pure button”)}
{%endblock%}
{%block result%}
{{result}}
{%endblock%}
我在这里遗漏了什么?来自WTForms项目的:
WTForms是一个灵活的表单验证和呈现库,用于
Python web开发它与框架无关,可以与
无论您选择什么web框架和模板引擎
我的。框架不可知意味着这不仅仅是一个用于Flask的库,还包括以下示例(来自:
def view():
form=UserForm(request.POST)
如果request.POST和form.validate():
通过#表格有效且CSRF成功
返回呈现('user.html',form=form)
。。。不一定是任何web框架中的工作模式,而只是展示库如何工作的一般说明
转换为烧瓶特定示例的示例可能如下所示:
@app.route('/submit',methods=(“GET”,“POST”))
def submit():
form=UserForm(request.form)
如果request.method==“POST”和form.validate():
通过#表格有效且CSRF成功
返回呈现模板('submit.html',form=form)
自述文件接着说:
有各种各样的社区图书馆,它们与
流行的框架
一个这样的例子是,他们的WTForms库的“hello world”如下所示:
@app.route('/submit',methods=('GET',POST'))
def submit():
form=MyForm()
if form.validate_on_submit():
返回重定向(“/success”)
返回呈现模板('submit.html',form=form)
请注意,request.form
不必像在香草WTForms示例(UserForm(request.form)
)中那样传递给MyForm
构造函数,表单上有一个名为validate\u on\u submit()的方法
它既测试请求是否为POST
请求,也测试提交的表单内容是否通过验证
除了更容易地处理将POST
数据传递到表单和验证之外,Flask WTF
还简化了CSRF令牌管理,可以阅读相关内容