4.1.cms登录页面csrf保护
(1)Perfect_bbs.py
from flask_wtf import CSRFProtect CSRFProtect(app)
添加csrf保护后,现在再去登录
(2)cms/cms_login.html添加csrf保护
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}">
4.2.cms后台修改密码界面布局完成
(1)cms.views.py
class ResetPwdView(views.MethodView): decorators = [login_required] def get(self): return render_template('cms/cms_resetpwd.html') def post(self): pass bp.add_url_rule('/resetpwd/',view_func=ResetPwdView.as_view('resetpwd'))
(2)cms/cms_base.html
<li><a href="{{ url_for('cms.resetpwd') }}">修改密码</a></li>
(3)cms/cms_resetpwd.html
{% extends 'cms/cms_base.html' %} {% block title %} 修改密码 {% endblock %} {% block page_title %} {{ self.title() }} {% endblock %} {% block head %} <style> .form-container{ width: 300px; } </style> {% endblock %} {% block main_content %} <form method="post"> <div class="form-container"> <div class="form-group"> <div class="input-group"> <span class="input-group-addon">旧密码</span> <input type="password" class="form-control" name="oldpwd" placeholder="请输入旧密码"> </div> </div> <div class="form-group"> <div class="input-group"> <span class="input-group-addon">新密码</span> <input type="password" class="form-control" name="newpwd" placeholder="请输入新密码"> </div> </div> <div class="form-group"> <div class="input-group"> <span class="input-group-addon">确认新密码</span> <input type="password" class="form-control" name="newpwd2" placeholder="请确认新密码"> </div> </div> <div class="form-group"> <button class="btn btn-primary">立即保存</button> </div> </div> </form> {% endblock %}
效果:
