flask实现一个简单的注册界面报错
register.html
<!DOCTYPE html>
<html lang="en">
<head><meta charset="UTF-8"><title>Title</title>
</head>
<body>
<form action="" method="post">
<!-- {{ form.hidden_tag() }}-->{{form.username.label}}
{{form.username}}
<br>
{{form.password.label}}
{{form.password}}<br>
{{form.password2.label}}
{{form.password2}}
<br>
{{form.submit}}
</form></body>
</html>表单.py
from flask import Flask, render_template, request
from wtforms import StringField, PasswordField, SubmitField
from flask_wtf import FlaskForm
from wtforms.validators import DataRequired, EqualToapp = Flask(__name__)
app.config['SECRET_KEY'] = 'abc123'class Register(FlaskForm):username = StringField(label='Username', validators=[DataRequired("用户名不能为空")])password = PasswordField(label='password', validators=[DataRequired("密码不能为空")])password2 = PasswordField(label='password2', validators=[DataRequired("密码不能为空"), EqualTo('password')])submit = SubmitField(label='Sign Up')@app.route('/register', methods=[ 'GET','POST'])
def register():form = Register()if request.method == 'POST':print(999)if form.validate_on_submit():print("验证成功")username = form.username.datapassword = form.password.datapassword2 = form.password2.dataprint(username, password, password2)else:print(form.errors)print("验证失败")elif request.method == 'GET':return render_template('register.html', form=form)return render_template('register.html', form=form)if __name__ == '__main__':app.run(debug=True)
-
{'csrf_token': ['The CSRF token is missing.']}表示在表单提交时,缺少 CSRF(跨站请求伪造)令牌。 - 当使用
Flask-WTF时,为了防止 CSRF 攻击,默认会启用 CSRF 保护。这意味着在表单中需要包含一个 CSRF 令牌,并且在表单提交时,服务器会验证这个令牌是否存在且有效。
在你的register.html模板中,确保使用form.hidden_tag()来包含 CSRF 令牌。
