# Flask Forms

Flask has extensions that allow us to build forms much easier than having to code them from scratch using regex, etc.

The most popular extension to create forms using Flask is WTForms

First, we'd want to install the WTForms Module.

`pip install flask_wtf`

After this is completed, we can use the module within our project. Create a new file named forms.py

The import goes as:

`from flask_wtf import FlaskForm`

## Creating a registration form requires us to create a class called `class RegistrationForm(FlaskForm)`

Forms require certain fields, right? With Flask, you must import these capabilities. To create a username field within our RegistrationForm class, we must import that functionality from wtforms.

`from wtforms import StringField`

Now that StringField is imported, we utilize it to initialize it as a method. Below, we will begin coding the form. The first argument will be the name of the field, which in this case is 'Username'. The second method will be a validator (which is initialized as a list of arguments) - for example, a method that makes the field a required field, and another for minimum/maximum length. These methods will need to be imported as well through `from wtforms.validators import DataRequired, Length`

In order to make this a required field, we would pass the DataRequired and Length methods into the validators argument.

In [1]:
from flask_wtf import FlaskForm
from wtforms import StringField
from wtforms.validators import DataRequired, Length

class RegistrationForm(FlaskForm):
    username = StringField('Username', validators=[DataRequired(), Length(min=2, max=20)])

The above code is essentially saying "Build me a form that includes a username section called 'Username' where the field requires data and the length must be between 2 to 20 characters. The `from flask_wtf import FlaskForm` is what allows us to render the actual form functionality, `from wtforms import StringField` is enabling the field as a StringField, and `from wtforms.validators import DataRequired, Length` is allowing us to set the conditions of the form entry. This is all becoming states for our `RegistrationForm(FlaskForm)` class. Neat!

In [None]:
from flask_wtf import FlaskForm
from wtforms import StringField, PasswordField, SubmitField
from wtforms.validators import DataRequired, Length, Email, EqualTo

class RegistrationForm(FlaskForm):
    username = StringField('Username', validators=[DataRequired(), Length(min=2, max=20)])
    email = StringField('Email', validators=[DataRequired(), Email()])
    password = PasswordField('Password', validators=[DataRequired()])
    confirm_password = PasswordField('Confirm Password', validators=[DataRequired(), EqualTo('password')])
    submit = SubmitField('Sign Up')

## As you can see above, we've added quite a few fields. We can break them down to better understand them.

Within our `from wtforms import` call, we've added `PasswordField` and `SubmitField`. This provides functionality that I think we can infer: a field that takes a password, and a field that submits the provided information. The way this is incorporated into our form is by creating propoerties within our `RegistrationForm(FlaskForm)` class.

There are also new imports in our `from wtforms.validators import` call. We see `Email` and `EqualTo` which provide us with new field specific validation. In our `confirm_password` property, we see that we have an `EqualTo` validator, and we are having it check equivalence to the `password` propoerty. This is a nice way of confirming the password.

The `Email` validator is probably pretty self explanatory - it sets the StringField named 'Email' to include an email format validation (i.e. me@mail.com)

## Next, let's build a new class for Logging In instead of registering. We will essentially copy the `RegistrationForm` class and edit some of the properties.

In [2]:
from flask_wtf import FlaskForm
from wtforms import StringField, PasswordField, SubmitField, BooleanField
from wtforms.validators import DataRequired, Length, Email, EqualTo

class LoginForm(FlaskForm):
    email = StringField('Email', validators=[DataRequired(), Email()])
    password = PasswordField('Password', validators=[DataRequired()])
    remember = BooleanField('Remember Me')
    submit = SubmitField('Login')

## So, what's new here?

Well, we can see that we imported another module called `BooleanField`. We are using this method in our 'remember' class that will toggle a cookie that saves login information. We will need to set a secret key for our app. It will protect against modifying cookies, forgery attacks, etc.

Within the application file, we will submit the following code:
`app.config['Secret Key'] = ""`

In order to generate the random key, we will use the following code within the Python Interpreter:
`import secrets`
`secrets.token_hex(16)`

This will generate a random string that we will pass into the `app.config['Secret Key] = "16Random"`

We will want to make this an environment variable at some point.

## In order to use this new registration.py file, we will need to import it into our main Flask app file, which in our case is flaskblog.py.

`from forms import RegistrationForm, LoginForm`

Notice that we are importing the Classes we created! Let's create the route in our app.

In [None]:
@app.route("/register")
def register():
form = RegistrationForm()
return render_template('register.html', title='Register', form=form)

In [None]:
@app.route("/login")
def login():
form = LoginForm()
return render_template('login.html', title='Login', form=form)