1.cms登录页面csrf保护
(1)Perfect_bbs.py
from flask_wtf import CSRFProtect
CSRFProtect(app)
```
添加csrf保护后,现在再去登录
![image](http://upload-images.jianshu.io/upload_images/12206509-4418f059c91afc70.png?imageMogr2/auto-orient/strip%7CimageView2/2/w/1240)
(2)cms/cms_login.html添加csrf保护
```
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}">
```
#2.cms后台修改密码界面布局完成
(1)cms.views.py
```
class ResetPwdView(views.MethodView):
decorators = [login_required]
def get(self):
return render_template('cms/cms_resetpwd.html')
def post(self):
pass
bp.add_url_rule('/resetpwd/',view_func=ResetPwdView.as_view('resetpwd'))
```
(2)cms/cms_base.html
```
<li><a href="{{ url_for('cms.resetpwd') }}">修改密码</a></li>
```
(3)cms/cms_resetpwd.html
```
{% extends 'cms/cms_base.html' %}
{% block title %}
修改密码
{% endblock %}
{% block page_title %}
{{ self.title() }}
{% endblock %}
{% block head %}
<style>
.form-container{
width: 300px;
}
</style>
{% endblock %}
{% block main_content %}
<form method="post">
<div class="form-container">
<div class="form-group">
<div class="input-group">
<span class="input-group-addon">旧密码</span>
<input type="password" class="form-control" name="oldpwd" placeholder="请输入旧密码">
</div>
</div>
<div class="form-group">
<div class="input-group">
<span class="input-group-addon">新密码</span>
<input type="password" class="form-control" name="newpwd" placeholder="请输入新密码">
</div>
</div>
<div class="form-group">
<div class="input-group">
<span class="input-group-addon">确认新密码</span>
<input type="password" class="form-control" name="newpwd2" placeholder="请确认新密码">
</div>
</div>
<div class="form-group">
<button class="btn btn-primary">立即保存</button>
</div>
</div>
</form>
{% endblock %}
```
效果:
![图片.png](https://upload-images.jianshu.io/upload_images/12206509-cf305adb5880dcf9.png?imageMogr2/auto-orient/strip%7CimageView2/2/w/1240)