You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I think there is some weird behaviour when using SECURITY_CONFIRMABLE.
The documentation states the following, so this is a flag to enable confirmation of an email address.
SECURITY_CONFIRMABLE
Specifies if users are required to confirm their email address when registering a new account. If this value is True, Flask-Security creates an endpoint to handle confirmations and requests to resend confirmation instructions. The URL for this endpoint is specified by the SECURITY_CONFIRM_URL configuration option. Defaults to False.
But when set to True it also removes the retype password field, so I think this is mixing up email confirimation and "password confirmation".
register_user.html
{% if register_user_form.password_confirm %}
{{ render_field_with_errors(register_user_form.password_confirm) }}
{% endif %}
I think it has to do with the following two forms:
forms.py
class ConfirmRegisterForm(Form, RegisterFormMixin,
UniqueEmailFormMixin, NewPasswordFormMixin):
pass
class RegisterForm(ConfirmRegisterForm, PasswordConfirmFormMixin,
NextFormMixin):
def __init__(self, *args, **kwargs):
super(RegisterForm, self).__init__(*args, **kwargs)
if not self.next.data:
self.next.data = request.args.get('next', '')
views.py
def register():
"""View function which handles a registration request."""
if _security.confirmable or request.json:
form_class = _security.confirm_register_form
else:
form_class = _security.register_form
The text was updated successfully, but these errors were encountered:
sdiepend
changed the title
SECURITY_CONFIRMABLE config lixup between confirm password and confirm email
SECURITY_CONFIRMABLE config mixup between confirm password and confirm email
Mar 12, 2017
I can confirm that this bug interferes even with the overriding of the default RegisterForm (I haven't tried the others) that -when the SECURITY_CONFIRMABLE option is set to True- won't be overridden when calling init_app passing the register_form parameter
The form passed to the view is the default form, and the __init__ method of ExtendedRegisterForm is never been called.
When setting SECURITY_CONFIRMABLE to False, everything is fine.
I think there is some weird behaviour when using SECURITY_CONFIRMABLE.
The documentation states the following, so this is a flag to enable confirmation of an email address.
But when set to True it also removes the retype password field, so I think this is mixing up email confirimation and "password confirmation".
register_user.html
I think it has to do with the following two forms:
forms.py
views.py
The text was updated successfully, but these errors were encountered: