Flask-WTForms never validates even when {{ form.hidden_tag() }} is present

I have given a snippet of my forms.py, routes.py and createPatient.html (relevant screenshot). I had a previous form for login of the same application where I faced the same error for which I deleted the old project and started this new one.

route.py

@app.route("/createPatient",methods=['GET','POST'])
def create():
    form1 = createPatient(request.form)
    if form1.validate_on_submit():
        print("Success")
        return redirect('/index')
    else:
        print("Unsuccessful")

    return render_template("createPatient.html", form = form1)

The output of this when I entered form1.validate() is False, form1.errors is {}, and it prints "Unsuccessful".

forms.py


class createPatient(FlaskForm):
    ssn_id = IntegerField("SSN ID", validators = [DataRequired()])
    name = StringField("Patient Name",validators=[DataRequired()])
    age = IntegerField("Patient Age",validators=[DataRequired()])
    doa = DateField("Date of Admission",validators=[DataRequired()])
    tob = SelectField("Type of Bed", choices = [('General Ward'),('Semi Sharing'),('Single Room')],validators =[DataRequired()])
    address = StringField("Address", validators=[DataRequired()])
    city = StringField("City", validators=[DataRequired(), Length(min = 6 ,max = 20)])
    state = StringField("State", validators=[DataRequired(), Length(max = 30)])
    create = SubmitField("Create Patient")

No syntactical error in the above file.

createPatient.html

<form name = "createPatient" action= "/createPatient" method="POST" >

    {{ form.hidden_tag() }}

    <p>
        {{ form.ssn_id.label }}
        {{ form.ssn_id(size = 9 ) }}
        {% for error in form.ssn_id.errors %}
            <span class="error-message">*{{ error }}</span>
        {% endfor %}<br>
    </p>

    <p>
        {{ form.name.label }}
        {{ form.name(size = 35 ) }}
        {% for error in form.name.errors %}
            <span class="error-message">*{{ error }}</span>
        {% endfor %}<br>
    </p>

    <p>
        {{ form.age.label }}
        {{ form.age(size = 35 ) }}
        {% for error in form.age.errors %}
            <span class="error-message">*{{ error }}</span>
        {% endfor %}<br>
    </p>
    <p>
        {{ form.doa.label }}
        {{ form.doa(size = 35 ) }}
        {% for error in form.doa.errors %}
            <span class="error-message">*{{ error }}</span>
        {% endfor %}<br>
    </p>
    
        {{ form.tob.label }}
        {{ form.tob() }}
        {% for error in form.tob.errors %}
            <span class="error-message">*{{ error }}</span>
        {% endfor %}<br>
    
    <p>
        {{ form.address.label }}
        {{ form.address(size = 35 ) }}
        {% for error in form.address.errors %}
            <span class="error-message">*{{ error }}</span>
        {% endfor %}<br>
    </p>
    <p>
        {{ form.city.label }}
        {{ form.city(size = 35 ) }}
        {% for error in form.city.errors %}
            <span class="error-message">*{{ error }}</span>
        {% endfor %}<br>
    </p>
    <p>
        {{ form.state.label }}
        {{ form.state(size = 35 ) }}
        {% for error in form.state.errors %}
            <span class="error-message">*{{ error }}</span>
        {% endfor %}<br>
    </p>

   <p> {{ form.create ()}} </p>

</form>

config.py

import os

class Config(object):
    SECRET_KEY = os.urandom(32)

init.py

from flask import Flask 
from config import Config
from flask_mongoengine import MongoEngine

app = Flask(__name__)
# Flask settings live in app.config; the Flask object itself is not subscriptable
app.config['SECRET_KEY'] = Config.SECRET_KEY

Upvotes: 0

Views: 2478

Answers (1)

Ruslan

Reputation: 171

As far as I know, CSRF tokens are generated using SECRET_KEY. In your config.py file, I see SECRET_KEY = os.urandom(32). Each time you reload your app, your key will be replaced with a new one. This can cause CSRF errors.

Instead, try to generate your key externally and place it inside .env or config.py:

SECRET_KEY = 'super-secret-random-key'

or

import os
class Config(object):
    SECRET_KEY = os.environ.get('SECRET_KEY')

Upvotes: 1
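
The effect described in the answer above, as an added example that is not part of the original post and is not Flask-WTF's own code: a simplified HMAC-signed token stands in for the CSRF token, and the key is loaded from the environment with a fail-closed check, since os.environ.get('SECRET_KEY') returns None when the variable is unset. The function names, the 32-byte minimum and SAMPLE_ENV are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets


def load_secret_key(environ, min_bytes=32):
    """Read SECRET_KEY from an environment mapping; fail closed if unusable."""
    value = environ.get("SECRET_KEY")
    if not value:
        raise RuntimeError("SECRET_KEY is not set; refusing to start")
    key = value.encode()
    if len(key) < min_bytes:
        raise RuntimeError("SECRET_KEY is too short")
    return key


def sign_token(key, session_nonce):
    """Issue a token bound to the session: nonce plus an HMAC-SHA256 tag."""
    tag = hmac.new(key, session_nonce.encode(), hashlib.sha256).hexdigest()
    return f"{session_nonce}.{tag}"


def verify_token(key, token):
    """Return True only if the tag was produced with this key."""
    nonce, _, tag = token.rpartition(".")
    expected = hmac.new(key, nonce.encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(tag, expected)


def token_survives_restart(key_at_render, key_at_submit):
    """Render the form under one key, then validate the POST under another."""
    token = sign_token(key_at_render, secrets.token_hex(16))
    return verify_token(key_at_submit, token)


# Constructed sample environment; in a deployment this would be os.environ.
SAMPLE_ENV = {"SECRET_KEY": secrets.token_hex(32)}

if __name__ == "__main__":
    # Per-process random key, as in the question's config.py: every start differs.
    print("urandom key:", token_survives_restart(secrets.token_bytes(32),
                                                 secrets.token_bytes(32)))
    # Key loaded from the environment: identical across restarts and workers.
    stable = load_secret_key(SAMPLE_ENV)
    print("env key:", token_survives_restart(stable, load_secret_key(SAMPLE_ENV)))
```

The same mismatch occurs without any restart when several worker processes each import a config that calls os.urandom, because the worker that rendered the form and the worker that receives the POST hold different keys.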
