我们从Python开源项目中,提取了以下5个代码示例,用于说明如何使用wtforms.SubmitField()。
def test_form_validation(app): app.config['WTF_CSRF_ENABLED'] = False class TestForm(SanicForm): msg = StringField('Note', validators=[DataRequired(), Length(max=10)]) submit = SubmitField('Submit') @app.route('/', methods=['GET', 'POST']) async def index(request): form = TestForm(request) if request.method == 'POST' and form.validate(): return response.text('validated') content = render_form(form) return response.html(content) req, resp = app.test_client.get('/') assert resp.status == 200 # we disabled it assert 'csrf_token' not in resp.text # this is longer than 10 payload = {'msg': 'love is beautiful'} req, resp = app.test_client.post('/', data=payload) assert resp.status == 200 assert 'validated' not in resp.text payload = {'msg': 'happy'} req, resp = app.test_client.post('/', data=payload) assert resp.status == 200 assert 'validated' in resp.text
def test_form_csrf_validation(app): app.config['WTF_CSRF_SECRET_KEY'] = 'top secret !!!' class TestForm(SanicForm): msg = StringField('Note', validators=[DataRequired(), Length(max=10)]) submit = SubmitField('Submit') @app.route('/', methods=['GET', 'POST']) async def index(request): form = TestForm(request) if request.method == 'POST' and form.validate(): return response.text('validated') content = render_form(form) return response.html(content) req, resp = app.test_client.get('/') assert resp.status == 200 assert 'csrf_token' in resp.text token = re.findall(csrf_token_pattern, resp.text)[0] assert token payload = {'msg': 'happy', 'csrf_token': token} req, resp = app.test_client.post('/', data=payload) assert resp.status == 200 assert 'validated' in resp.text payload = {'msg': 'happy'} req, resp = app.test_client.post('/', data=payload) assert resp.status == 200 # should fail, no CSRF token in payload assert 'validated' not in resp.text
def test_csrf_token(app): app.config['WTF_CSRF_SECRET_KEY'] = 'top secret !!!' app.config['WTF_CSRF_FIELD_NAME'] = 'csrf_token' class TestForm(SanicForm): msg = StringField('Note', validators=[DataRequired(), Length(max=10)]) submit = SubmitField('Submit') @app.route('/', methods=['GET', 'POST']) async def index(request): form = TestForm(request) return response.text(form.csrf_token) req, resp = app.test_client.get('/') assert resp.status == 200 assert 'csrf_token' in resp.text token = re.findall(csrf_token_pattern, resp.text)[0] assert token
def test_no_request_disable_csrf(app): app.config['WTF_CSRF_ENABLED'] = True app.config['WTF_CSRF_SECRET_KEY'] = 'look ma' class TestForm(SanicForm): msg = StringField('Note', validators=[DataRequired(), Length(max=10)]) submit = SubmitField('Submit') @app.route('/', methods=['GET', 'POST']) async def index(request): form = TestForm(formdata=request.form) if request.method == 'POST' and form.validate(): return response.text('validated') content = render_form(form) return response.html(content) payload = {'msg': 'happy'} req, resp = app.test_client.post('/', data=payload) assert resp.status == 200 # should be okay, no request means CSRF was disabled assert 'validated' in resp.text
def test_validate_on_submit(app): app.config['WTF_CSRF_SECRET_KEY'] = 'top secret !!!' class TestForm(SanicForm): msg = StringField('Note', validators=[DataRequired(), Length(max=10)]) submit = SubmitField('Submit') @app.route('/', methods=['GET', 'POST']) async def index(request): form = TestForm(request) if form.validate_on_submit(): return response.text('validated') content = render_form(form) return response.html(content) req, resp = app.test_client.get('/') assert resp.status == 200 assert 'csrf_token' in resp.text token = re.findall(csrf_token_pattern, resp.text)[0] assert token payload = {'msg': 'happy', 'csrf_token': token} req, resp = app.test_client.post('/', data=payload) assert resp.status == 200 assert 'validated' in resp.text
