Forms and authentication are essential in web applications for handling user input and securing access to resources. Django provides built-in support for forms and authentication, while Flask requires additional extensions like Flask-WTF for form handling and Flask-Login for authentication.
Django provides forms.Form and forms.ModelForm for handling form validation.
In forms.py:
from django import forms
class LoginForm(forms.Form):
username = forms.CharField(max_length=100)
password = forms.CharField(widget=forms.PasswordInput)In views.py:
from django.shortcuts import render
from .forms import LoginForm
def login_view(request):
form = LoginForm(request.POST or None)
if form.is_valid():
username = form.cleaned_data['username']
password = form.cleaned_data['password']
# Authenticate user (authentication logic here)
return HttpResponse(f"Logged in as {username}")
return render(request, 'login.html', {'form': form})In login.html:
<form method="post">
{% csrf_token %}
{{ form.as_p }}
<button type="submit">Login</button>
</form>forms.Form is used to create the form.request.POST or None ensures form data is processed.form.is_valid() checks if input is valid.{{ form.as_p }} renders the form fields in HTML.Flask does not have built-in form handling, so we use Flask-WTF (an extension of WTForms).
Run:
pip install flask-wtfIn forms.py:
from flask_wtf import FlaskForm
from wtforms import StringField, PasswordField, SubmitField
from wtforms.validators import DataRequired
class LoginForm(FlaskForm):
username = StringField('Username', validators=[DataRequired()])
password = PasswordField('Password', validators=[DataRequired()])
submit = SubmitField('Login')In app.py:
from flask import Flask, render_template, request
from forms import LoginForm
app = Flask(__name__)
app.config['SECRET_KEY'] = 'your_secret_key'
@app.route('/login', methods=['GET', 'POST'])
def login():
form = LoginForm()
if form.validate_on_submit():
username = form.username.data
password = form.password.data
return f"Logged in as {username}"
return render_template('login.html', form=form)
if __name__ == '__main__':
app.run(debug=True)In login.html:
<form method="POST">
{{ form.hidden_tag() }}
<p>{{ form.username.label }} {{ form.username() }}</p>
<p>{{ form.password.label }} {{ form.password() }}</p>
<p>{{ form.submit() }}</p>
</form>Flask-WTF is used for form validation.form.validate_on_submit() checks if the form is submitted and valid.SECRET_KEY is required for CSRF protection.Django provides built-in authentication with django.contrib.auth.
Ensure django.contrib.auth is in INSTALLED_APPS in settings.py.
In views.py:
from django.contrib.auth import authenticate, login
from django.shortcuts import render, redirect
from .forms import LoginForm
def login_view(request):
form = LoginForm(request.POST or None)
if form.is_valid():
username = form.cleaned_data['username']
password = form.cleaned_data['password']
user = authenticate(request, username=username, password=password)
if user:
login(request, user)
return redirect('dashboard')
return render(request, 'login.html', {'form': form})from django.contrib.auth import logout
def logout_view(request):
logout(request)
return redirect('home')Flask requires Flask-Login for handling authentication.
Run:
pip install flask-loginIn app.py:
from flask import Flask, render_template, redirect, request, url_for
from flask_login import LoginManager, UserMixin, login_user, logout_user, login_required
app = Flask(__name__)
app.config['SECRET_KEY'] = 'your_secret_key'
login_manager = LoginManager(app)
class User(UserMixin):
def __init__(self, id, username, password):
self.id = id
self.username = username
self.password = password
users = {'admin': User(1, 'admin', 'password')} # Dummy user
@login_manager.user_loader
def load_user(user_id):
return users.get(user_id)
@app.route('/login', methods=['GET', 'POST'])
def login():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
user = users.get(username)
if user and user.password == password:
login_user(user)
return redirect('/dashboard')
return render_template('login.html')
@app.route('/logout')
@login_required
def logout():
logout_user()
return redirect('/')
@app.route('/dashboard')
@login_required
def dashboard():
return "Welcome to your dashboard"
if __name__ == '__main__':
app.run(debug=True)Flask-Login handles user sessions.UserMixin provides default authentication methods.login_user() logs the user in.logout_user() logs the user out.@login_required restricts access to logged-in users.django.contrib.auth.Flask-WTF for forms and Flask-Login for authentication.Sign in to join the discussion and post comments.
Sign inObject-Oriented Programming (OOP) in Python
Learn the fundamentals of Object-Oriented Programming (OOP) in Python, including classes, objects, inheritance, polymorphism, encapsulation, and more. Understand how OOP enhances code reusability, scalability, and organization.
Python Basics
Python is a powerful, high-level programming language known for its simplicity and versatility. It is widely used in various fields, including web development, data science, artificial intelligence, automation, and more. This tutorial series is designed to take you from the basics of Python to more advanced topics, ensuring a strong foundation in programming.