# The first view ,register

When the user visits the auth/register URL,the register view will return HTML with a form for them to fill out .When they submit the form,it will validate their input and either show the form again with an error message of create the new user and go to the login page .

For now you will just write the view code .On the next page ,you`ll write templates to generate the HTML form.

In [2]:
from flask import Flask,request
from flask import (
    Blueprint,flash,g,redirect,render_template,request,session,url_for
)

@bp.route('/register',methods=('GET','POST'))

def register():
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        db = get_db()
        error = None
    if not username:
        error = 'username is required'
    elif not password:
        error = 'password is required'
    
    if error is None:
        try:
            db.execute(
                "INSERT INTO user(username,password) VALUES (?,?)",
                (username,generate_password_hash(password)),
            )


_IncompleteInputError: incomplete input (346055931.py, line 24)

1. @bp.route associates the URL /register with the register view function. When Flask receives a request
to /auth/register, it will call the register view and use the return value as the response.
2. If the user submitted the form, request.method will be 'POST'. In this case, start validating the input.
3. request.form is a special type of dict mapping submitted form keys and values. The user will input their
username and password.
4. Validate that username and password are not empty.
5. If validation succeeds, insert the new user data into the database.
• db.execute takes a SQL query with ? placeholders for any user input, and a tuple of values to replace the
placeholders with. The database library will take care of escaping the values so you are not vulnerable to
a SQL injection attack.
• For security, passwords should never be stored in the database directly.
Instead,
generate_password_hash() is used to securely hash the password, and that hash is stored. Since this
query modifies data, db.commit() needs to be called afterwards to save the changes.
• An sqlite3.IntegrityError will occur if the username already exists, which should be shown to the
user as another validation error.
6. After storing the user, they are redirected to the login page. url_for() generates the URL for the login view
based on its name. This is preferable to writing the URL directly as it allows you to change the URL later without
changing all code that links to it. redirect() generates a redirect response to the generated URL.
7. If validation fails, the error is shown to the user. flash() stores messages that can be retrieved when rendering
the template.
8. When the user initially navigates to auth/register, or there was a validation error, an HTML page with the
registration form should be shown. render_template() will render a template containing the HTML, which
you’ll write in the next step of the tutorial.