Skip to content

Commit

Permalink
Merge pull request #2331 from cjmayo/wtforms1
Browse files Browse the repository at this point in the history
Remove WTForms 1 code
  • Loading branch information
mrjoes authored Feb 2, 2023
2 parents 6eb9d56 + 5c7fdda commit c4ba7cc
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 50 deletions.
61 changes: 28 additions & 33 deletions flask_admin/form/__init__.py
Original file line number Diff line number Diff line change
@@ -1,5 +1,11 @@
from wtforms import form, __version__ as wtforms_version
from os import urandom

from flask import session, current_app
from wtforms import form
from wtforms.csrf.session import SessionCSRF
from wtforms.fields.core import UnboundField

from flask_admin._compat import text_type
from flask_admin.babel import Translations

from .fields import * # noqa: F403,F401
Expand Down Expand Up @@ -40,35 +46,24 @@ def recreate_field(unbound):
return unbound.field_class(*unbound.args, **unbound.kwargs)


if int(wtforms_version[0]) > 1:
# only WTForms 2+ has built-in CSRF functionality
from os import urandom
from flask import session, current_app
from wtforms.csrf.session import SessionCSRF
from flask_admin._compat import text_type

class SecureForm(BaseForm):
"""
BaseForm with CSRF token generation and validation support.
Requires WTForms 2+
"""
class Meta:
csrf = True
csrf_class = SessionCSRF
_csrf_secret = urandom(24)

@property
def csrf_secret(self):
secret = current_app.secret_key or self._csrf_secret
if isinstance(secret, text_type):
secret = secret.encode('utf-8')
return secret

@property
def csrf_context(self):
return session
else:
class SecureForm(BaseForm):
def __init__(self, *args, **kwargs):
raise Exception("SecureForm requires WTForms 2+")
class SecureForm(BaseForm):
"""
BaseForm with CSRF token generation and validation support.
Requires WTForms 2+
"""
class Meta:
csrf = True
csrf_class = SessionCSRF
_csrf_secret = urandom(24)

@property
def csrf_secret(self):
secret = current_app.secret_key or self._csrf_secret
if isinstance(secret, text_type):
secret = secret.encode('utf-8')
return secret

@property
def csrf_context(self):
return session
6 changes: 0 additions & 6 deletions flask_admin/tests/mongoengine/__init__.py
Original file line number Diff line number Diff line change
@@ -1,9 +1,3 @@
from unittest import SkipTest
from wtforms import __version__ as wtforms_version

if int(wtforms_version[0]) < 2:
raise SkipTest('MongoEngine does not support WTForms 1.')

from flask import Flask
from flask_admin import Admin
from flask_mongoengine import MongoEngine
Expand Down
11 changes: 0 additions & 11 deletions flask_admin/tests/test_model.py
Original file line number Diff line number Diff line change
@@ -1,5 +1,3 @@
import wtforms

from flask import Flask

try:
Expand All @@ -16,14 +14,6 @@
from flask_admin.model.template import macro


def wtforms2_and_up(func):
"""Decorator for skipping test if wtforms <2
"""
if int(wtforms.__version__[0]) < 2:
func.__test__ = False
return func


class Model(object):
def __init__(self, id=None, c1=1, c2=2, c3=3):
self.id = id
Expand Down Expand Up @@ -353,7 +343,6 @@ def test_form():
pass


@wtforms2_and_up
def test_csrf():
class SecureModelView(MockModelView):
form_base_class = form.SecureForm
Expand Down

0 comments on commit c4ba7cc

Please sign in to comment.