Parts of a Flask Web App
@app.route
This defines where a particular path in the url relates too:
@app.route("/")
def hello():
return "Hello World!"
When the app server is running, visiting the root will produce the message 'Hello World!'. The code below will also display this if you visit '/home' on the app server:
@app.route("/")
@app.route("/home")
def hello():
return "Hello World!"
Parameters
The example below will just display the message:
@app.route("/")
def hello():
return "Hello World!"
You can also use parameters:
@app.route("/<name>")
def hello(name):
return "Hello "+name
Using this method the parameters are passed as strings, and you may need to convert them. In this example the URL '/Wayne' will display the message 'Hello Wayne'.
url_for
You will need to add url_for to the Flask import:
from flask import Flask, url_for
If you look at this example:
@app.route("/home")
def home():
return "test"
@app.route("/hello")
def hello():
return "Hello World!"
it creates 2 paths, one for '/hello' (runs 'def hello()') and one for '/home' (runs 'def home()'). url_for will accept the name of the method (ie def ....) and return the route.
so:
url_for('hello')
will return:
/hello
Handling HTML Forms
You will need to add request to the Flask import:
from flask import Flask, request
The code below is an example of using html form elements, it is for a login page which produces the form initially. Clicking the login button will cause a submit and therefore 'POST' will be set, it then checks the form data:
@app.route('/login', methods=['GET', 'POST'])
def login():
if request.method == 'POST':
if (request.form['username']=="wayne") and request.form['password']=="pass":
return redirect(url_for('home')) # will need to add redirect to the Flask import
return '''
<form method="post"><p>
Username: <input type=text name=username><p>
Password: <input type=password name=password><p>
<input type=submit value=Login>
</form>
'''
The route must include', methods=['GET','POST']' this will allow it to accept data from an html form. This will use either, get (via the url) or post (via the http header).
Within the method you can check the request method (request.method=='POST'). You can then access data from the form using request.form['...'], the text in the square brackets needs to match the name of the form element from the html.
Using Sessions
In order to use session, you will need to include it in the Flask import and you must set a secret_key on the app:
from flask import Flask, session, redirect, url_for, request
app = Flask(__name__)
# Set the secret key to some random bytes. Keep this really secret!
# use: import os and then: print(os.urandom(16)) to generate a suitable key
app.secret_key = b'_5#y2L"F4Q8z\n\xec]/'
You can generate a new suitable string using:
import os
print(os.urandom(16))
Now the individual routes and methods:
@app.route('/')
def index():
if 'username' in session:
return 'Logged in as ' + session['username']
return 'You are not logged in'
The method above checks if username is set as a session variable, if it is the code displays a message including the username. Otherwise it displays the message to say you aren't logged in.
@app.route('/login', methods=['GET', 'POST'])
def login():
if request.method == 'POST':
if (request.form['username']=="wayne") and request.form['password']=="pass":
session['username'] = request.form['username']
return redirect(url_for('index'))
return '''
<form method="post">
<p>Username: <input type=text name=username></p>
<p>Password: <input type=password name=password></p>
<input type=submit value=Login>
</form>
'''
The method above checks if the submit button was clicked, it checks the username and password and ten sets the username session variable.
@app.route('/logout')
def logout():
# remove the username from the session if it's there
session.pop('username', None)
return redirect(url_for('index'))
This method will remove the username session variable.