2018-01-16T20:22:10Z

The Flask Mega-Tutorial Part VII: Error Handling

This is the seventh installment of the Flask Mega-Tutorial series, in which I'm going to tell you how to do error handling in a Flask application.

For your reference, below is a list of the articles in this series.

In this chapter I'm taking a break from coding new features into my microblog application, and instead will discuss a few strategies to deal with bugs, which invariably make an appearance in every software project. To help illustrate this topic, I intentionally let a bug slip in the code that I've added in Chapter 6. Before you continue reading, see if you can find it!

The GitHub links for this chapter are: Browse, Zip, Diff.

Error Handling in Flask

What happens when an error occurs in a Flask application? The best way to find out is to experience it first hand. Go ahead and start the application, and make sure you have at least two users registered. Log in as one of the users, open the profile page and click the "Edit" link. In the profile editor, try to change the username to the username of another user that is already registered, and boom! This is going to bring a scary looking "Internal Server Error" page:

Internal Server Error

If you look in the terminal session where the application is running, you will see a stack trace of the error. Stack traces are extremely useful in debugging errors, because they show the sequence of calls in that stack, all the way to the line that produced the error:

(venv) $ flask run
 * Serving Flask app "microblog"
 * Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)
[2021-06-14 22:40:02,027] ERROR in app: Exception on /edit_profile [POST]
Traceback (most recent call last):
  File "venv/lib/python3.6/site-packages/sqlalchemy/engine/base.py", in _execute_context
    context)
  File "venv/lib/python3.6/site-packages/sqlalchemy/engine/default.py", in do_execute
    cursor.execute(statement, parameters)
sqlite3.IntegrityError: UNIQUE constraint failed: user.username

The stack trace indicates what is the bug. The application allows a user to change the username, and does not validate that the new username chosen does not collide with another user already in the system. The error comes from SQLAlchemy, which tries to write the new username to the database, but the database rejects it because the username column is defined with unique=True.

It is important to note that the error page that is presented to the user does not provide much information about the error, and that is good. I definitely do not want users to learn that the crash was caused by a database error, or what database I'm using, or what are some of the table and field names in my database. All that information should be kept internal.

There are a few things that are far from ideal. I have an error page that is very ugly and does not match the application layout. I also have important application stack traces being dumped on a terminal that I need to constantly watch to make sure I don't miss any errors. And of course I have a bug to fix. I'm going to address all these issues, but first, let's talk about Flask's debug mode.

Debug Mode

The way you saw that errors are handled above is great for a system that is running on a production server. If there is an error, the user gets a vague error page (though I'm going to make this error page nicer), and the important details of the error are in the server process output or in a log file.

But when you are developing your application, you can enable debug mode, a mode in which Flask outputs a really nice debugger directly on your browser. To activate debug mode, stop the application, and then set the following environment variable:

(venv) $ export FLASK_ENV=development

If you are on Microsoft Windows, remember to use set instead of export.

After you set FLASK_ENV, restart the server. The output on your terminal is going to be slightly different than what you are used to see:

(venv) microblog2 $ flask run
 * Serving Flask app 'microblog.py' (lazy loading)
 * Environment: development
 * Debug mode: on
 * Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)
 * Restarting with stat
 * Debugger is active!
 * Debugger PIN: 118-204-854

Now make the application crash one more time to see the interactive debugger in your browser:

Flask Debugger

The debugger allows you expand each stack frame and see the corresponding source code. You can also open a Python prompt on any of the frames and execute any valid Python expressions, for example to check the values of variables.

It is extremely important that you never run a Flask application in debug mode on a production server. The debugger allows the user to remotely execute code in the server, so it can be an unexpected gift to a malicious user who wants to infiltrate your application or your server. As an additional security measure, the debugger running in the browser starts locked, and on first use will ask for a PIN number, which you can see in the output of the flask run command.

Since I am in the topic of debug mode, I should mention the second important feature that is enabled with debug mode, which is the reloader. This is a very useful development feature that automatically restarts the application when a source file is modified. If you run flask run while in debug mode, you can then work on your application and any time you save a file, the application will restart to pick up the new code.

Custom Error Pages

Flask provides a mechanism for an application to install its own error pages, so that your users don't have to see the plain and boring default ones. As an example, let's define custom error pages for the HTTP errors 404 and 500, the two most common ones. Defining pages for other errors works in the same way.

To declare a custom error handler, the @errorhandler decorator is used. I'm going to put my error handlers in a new app/errors.py module.

app/errors.py: Custom error handlers

from flask import render_template
from app import app, db

@app.errorhandler(404)
def not_found_error(error):
    return render_template('404.html'), 404

@app.errorhandler(500)
def internal_error(error):
    db.session.rollback()
    return render_template('500.html'), 500

The error functions work very similarly to view functions. For these two errors, I'm returning the contents of their respective templates. Note that both functions return a second value after the template, which is the error code number. For all the view functions that I created so far, I did not need to add a second return value because the default of 200 (the status code for a successful response) is what I wanted. In this case these are error pages, so I want the status code of the response to reflect that.

The error handler for the 500 errors could be invoked after a database error, which was actually the case with the username duplicate above. To make sure any failed database sessions do not interfere with any database accesses triggered by the template, I issue a session rollback. This resets the session to a clean state.

Here is the template for the 404 error:

app/templates/404.html: Not found error template

{% extends "base.html" %}

{% block content %}
    <h1>File Not Found</h1>
    <p><a href="{{ url_for('index') }}">Back</a></p>
{% endblock %}

And here is the one for the 500 error:

app/templates/500.html: Internal server error template

{% extends "base.html" %}

{% block content %}
    <h1>An unexpected error has occurred</h1>
    <p>The administrator has been notified. Sorry for the inconvenience!</p>
    <p><a href="{{ url_for('index') }}">Back</a></p>
{% endblock %}

Both templates inherit from the base.html template, so that the error page has the same look and feel as the normal pages of the application.

To get these error handlers registered with Flask, I need to import the new app/errors.py module after the application instance is created:

app/__init__.py: Import error handlers

# ...

from app import routes, models, errors

If you set FLASK_ENV=production in your terminal session and then trigger the duplicate username bug one more time, you are going to see a slightly more friendly error page.

Custom 500 Error Page

Sending Errors by Email

The other problem with the default error handling provided by Flask is that there are no notifications, stack trace for errors are printed to the terminal, which means that the output of the server process needs to be monitored to discover errors. When you are running the application during development, this is perfectly fine, but once the application is deployed on a production server, nobody is going to be looking at the output, so a more robust solution needs to be put in place.

I think it is very important that I take a proactive approach regarding errors. If an error occurs on the production version of the application, I want to know right away. So my first solution is going to be to configure Flask to send me an email immediately after an error, with the stack trace of the error in the email body.

The first step is to add the email server details to the configuration file:

config.py: Email configuration

class Config(object):
    # ...
    MAIL_SERVER = os.environ.get('MAIL_SERVER')
    MAIL_PORT = int(os.environ.get('MAIL_PORT') or 25)
    MAIL_USE_TLS = os.environ.get('MAIL_USE_TLS') is not None
    MAIL_USERNAME = os.environ.get('MAIL_USERNAME')
    MAIL_PASSWORD = os.environ.get('MAIL_PASSWORD')
    ADMINS = ['your-email@example.com']

The configuration variables for email include the server and port, a boolean flag to enable encrypted connections, and optional username and password. The five configuration variables are sourced from their environment variable counterparts. If the email server is not set in the environment, then I will use that as a sign that emailing errors needs to be disabled. The email server port can also be given in an environment variable, but if not set, the standard port 25 is used. Email server credentials are by default not used, but can be provided if needed. The ADMINS configuration variable is a list of the email addresses that will receive error reports, so your own email address should be in that list.

Flask uses Python's logging package to write its logs, and this package already has the ability to send logs by email. All I need to do to get emails sent out on errors is to add a SMTPHandler instance to the Flask logger object, which is app.logger:

app/__init__.py: Log errors by email

import logging
from logging.handlers import SMTPHandler

# ...

if not app.debug:
    if app.config['MAIL_SERVER']:
        auth = None
        if app.config['MAIL_USERNAME'] or app.config['MAIL_PASSWORD']:
            auth = (app.config['MAIL_USERNAME'], app.config['MAIL_PASSWORD'])
        secure = None
        if app.config['MAIL_USE_TLS']:
            secure = ()
        mail_handler = SMTPHandler(
            mailhost=(app.config['MAIL_SERVER'], app.config['MAIL_PORT']),
            fromaddr='no-reply@' + app.config['MAIL_SERVER'],
            toaddrs=app.config['ADMINS'], subject='Microblog Failure',
            credentials=auth, secure=secure)
        mail_handler.setLevel(logging.ERROR)
        app.logger.addHandler(mail_handler)

As you can see, I'm only going to enable the email logger when the application is running without debug mode, which is indicated by app.debug being True, and also when the email server exists in the configuration.

Setting up the email logger is somewhat tedious due to having to handle optional security options that are present in many email servers. But in essence, the code above creates a SMTPHandler instance, sets its level so that it only reports errors and not warnings, informational or debugging messages, and finally attaches it to the app.logger object from Flask.

There are two approaches to test this feature. The easiest one is to use the SMTP debugging server from Python. This is a fake email server that accepts emails, but instead of sending them, it prints them to the console. To run this server, open a second terminal session and run the following command on it:

(venv) $ python -m smtpd -n -c DebuggingServer localhost:8025

Leave the debugging SMTP server running and go back to your first terminal and set export MAIL_SERVER=localhost and MAIL_PORT=8025 in the environment (use set instead of export if you are using Microsoft Windows). Make sure the FLASK_ENV variable is set to production or not set at all, since the application will not send emails in debug mode. Run the application and trigger the SQLAlchemy error one more time to see how the terminal session running the fake email server shows an email with the full stack trace of the error.

A second testing approach for this feature is to configure a real email server. Below is the configuration to use your Gmail account's email server:

export MAIL_SERVER=smtp.googlemail.com
export MAIL_PORT=587
export MAIL_USE_TLS=1
export MAIL_USERNAME=<your-gmail-username>
export MAIL_PASSWORD=<your-gmail-password>

If you are using Microsoft Windows, remember to use set instead of export in each of the statements above.

The security features in your Gmail account may prevent the application from sending emails through it unless you explicitly allow "less secure apps" access to your Gmail account. You can read about this here, and if you are concerned about the security of your account, you can create a secondary account that you configure just for testing emails, or you can enable less secure apps only temporarily to run this test and then revert back to the default.

Yet another alternative is to use a dedicated email service such as SendGrid, which allows you to send up to 100 emails per day on a free account. The SendGrid blog has a detailed tutorial on using the service in a Flask application.

Logging to a File

Receiving errors via email is nice, but sometimes this isn't enough. There are some failure conditions that do not end in a Python exception and are not a major problem, but they may still be interesting enough to save for debugging purposes. For this reason, I'm also going to maintain a log file for the application.

To enable a file based log another handler, this time of type RotatingFileHandler, needs to be attached to the application logger, in a similar way to the email handler.

app/__init__.py: Logging to a file

# ...
from logging.handlers import RotatingFileHandler
import os

# ...

if not app.debug:
    # ...

    if not os.path.exists('logs'):
        os.mkdir('logs')
    file_handler = RotatingFileHandler('logs/microblog.log', maxBytes=10240,
                                       backupCount=10)
    file_handler.setFormatter(logging.Formatter(
        '%(asctime)s %(levelname)s: %(message)s [in %(pathname)s:%(lineno)d]'))
    file_handler.setLevel(logging.INFO)
    app.logger.addHandler(file_handler)

    app.logger.setLevel(logging.INFO)
    app.logger.info('Microblog startup')

I'm writing the log file with name microblog.log in a logs directory, which I create if it doesn't already exist.

The RotatingFileHandler class is nice because it rotates the logs, ensuring that the log files do not grow too large when the application runs for a long time. In this case I'm limiting the size of the log file to 10KB, and I'm keeping the last ten log files as backup.

The logging.Formatter class provides custom formatting for the log messages. Since these messages are going to a file, I want them to have as much information as possible. So I'm using a format that includes the timestamp, the logging level, the message and the source file and line number from where the log entry originated.

To make the logging more useful, I'm also lowering the logging level to the INFO category, both in the application logger and the file logger handler. In case you are not familiar with the logging categories, they are DEBUG, INFO, WARNING, ERROR and CRITICAL in increasing order of severity.

As a first interesting use of the log file, the server writes a line to the logs each time it starts. When this application runs on a production server, these log entries will tell you when the server was restarted.

Fixing the Duplicate Username Bug

I have exploited the username duplication bug for too long. Now that I have showed you how to prepare the application to handle this type of errors, I can go ahead and fix it.

If you recall, the RegistrationForm already implements validation for usernames, but the requirements of the edit form are slightly different. During registration, I need to make sure the username entered in the form does not exist in the database. On the edit profile form I have to do the same check, but with one exception. If the user leaves the original username untouched, then the validation should allow it, since that username is already assigned to that user. Below you can see how I implemented the username validation for this form:

app/forms.py: Validate username in edit profile form.

class EditProfileForm(FlaskForm):
    username = StringField('Username', validators=[DataRequired()])
    about_me = TextAreaField('About me', validators=[Length(min=0, max=140)])
    submit = SubmitField('Submit')

    def __init__(self, original_username, *args, **kwargs):
        super(EditProfileForm, self).__init__(*args, **kwargs)
        self.original_username = original_username

    def validate_username(self, username):
        if username.data != self.original_username:
            user = User.query.filter_by(username=self.username.data).first()
            if user is not None:
                raise ValidationError('Please use a different username.')

The implementation is in a custom validation method, but there is an overloaded constructor that accepts the original username as an argument. This username is saved as an instance variable, and checked in the validate_username() method. If the username entered in the form is the same as the original username, then there is no reason to check the database for duplicates.

To use this new validation method, I need to add the original username argument in the view function, where the form object is created:

app/routes.py: Validate username in edit profile form.

@app.route('/edit_profile', methods=['GET', 'POST'])
@login_required
def edit_profile():
    form = EditProfileForm(current_user.username)
    # ...

Now the bug is fixed and duplicates in the edit profile form will be prevented in most cases. This is not a perfect solution, because it may not work when two or more processes are accessing the database at the same time. In that situation, a race condition could cause the validation to pass, but a moment later when the rename is attempted the database was already changed by another process and cannot rename the user. This is somewhat unlikely except for very busy applications that have a lot of server processes, so I'm not going to worry about it for now.

At this point you can try to reproduce the error one more time to see how the new form validation method prevents it.

275 comments

  • #51 Miguel Grinberg said 2018-06-11T19:01:58Z

    @Sim: for gmail, you need to enable "less secure apps" option in the configuration, as indicated in this article.

  • #52 Gawayne said 2018-06-11T21:40:05Z

    Hi Miguel,

    The code: " fromaddr='no-reply@' + app.config['MAIL_SERVER']" does display " From: no-reply@localhost' " in the python debugging server. However when i use my Gmail account email server, the email is sent, but from my own gmail email address and not "no-reply@gmail.com as i expected. Why is this so?

    Also when i trigger the 404 error defined, the error is not sent to the email nor is it logged to the file defined. Should it be there?

  • #53 Miguel Grinberg said 2018-06-11T22:38:50Z

    @Gawayne: the contents of the "from" field are controlled by your email server. If you use gmail, they may decide to ignore what Flask-Mail is using and force that to be your own email address. Using gmail is only for testing purposes anyway, you can't use that service to send emails in a production application.

    The 404 error is not a type of error that is logged, because it is not an error in the application, but an error made by the client, who is asking for an invalid page. Try adding code that triggers a division by zero for example, those kinds of errors will be logged and emailed.

  • #54 Krzysztof Filimonowicz said 2018-06-21T02:41:21Z

    Hello Miguel, I went a bit ahead and I've already deployed my project via pythonanywhere.com. So far I was able to adapt the instructions to an alternative environment, but I'm in a spot of bother with the e-mail functionality and I hoped you could advise me a bit. The thing is, although the bash console is available on the portal the site itself is deployed via a SWGI file. Therefore, I wonder if the Gmail server configuration should be typed into the bash console or somehow incorporated into this WSGI file. Do you happen to know what may be the solution to my predicament? Best Regards, Chris P.S: Congratulations on your tutorial. I'm still unsure if my skills are on par with the prerequisites but I'll see if it gets any clearer upon completion :)

  • #55 Miguel Grinberg said 2018-06-21T05:56:44Z

    @Krzysztof: do not write passwords or other secrets in script files. Instead, I suggest you define environment variables. It seems in PythonAnywhere the process is a bit tricky, but they have documented it: https://help.pythonanywhere.com/pages/environment-variables-for-web-apps/. If you use Flask 1.0 or newer you only need to install python-dotenv and create the .env file, as Flask automatically imports it if found in the root directory of the project.

  • #56 Gennady said 2018-06-24T13:34:31Z

    Hi, Miguel! Thank you for your work! In my case it was necessary to add timeout value to SMTPHandler configuration to make it working:

    mail_handler = SMTPHandler( mailhost=(app.config['MAIL_SERVER'], app.config['MAIL_PORT']), fromaddr='no-reply@' + app.config['MAIL_SERVER'], toaddrs=app.config['ADMINS'], subject='Microblog Failure', credentials=auth, secure=secure, timeout=10)

    Without timeout set, I've always had stmp timeout error.

  • #57 Miguel Grinberg said 2018-06-25T04:56:33Z

    @Gennady: this must be a problem with the mail server that you are using. Setting a timeout simply makes the application bail from sending the email sooner, but it isn't a solution.

  • #58 Ernie Peters said 2018-06-25T16:32:22Z

    Hi Miguel. FIrst off, I love your tutorials. I tired starting by learning dJango but it got very complex very quickly. I love that flask is more under the hood stuff and I actually start to understand the inner workings of the Model, View, Control structure. I have a problem through with this part of the tutorial. I've followed everything to a 'T' but I cannot get my errors displaying with the 'base.html' layout. Its like its not routing properly. I get the default boring error message.

  • #59 Francis said 2018-06-27T12:42:20Z

    Hi Miguel, I am trying to setup error handling using TLS to send errors and I'm getting the following error: smtplib.SMTPServerDisconnected: Connection unexpectedly closed: timed out All the other details are correct and I am able to send when not using ssl/tls. Adding the timeout did not make any difference for me. Traceback (most recent call last): File "/usr/local/Cellar/python/3.6.3/Frameworks/Python.framework/Versions/3.6/lib/python3.6/smtplib.py", line 387, in getreply line = self.file.readline(_MAXLINE + 1) File "/usr/local/Cellar/python/3.6.3/Frameworks/Python.framework/Versions/3.6/lib/python3.6/socket.py", line 586, in readinto return self._sock.recv_into(b) socket.timeout: timed out

    please help

  • #60 Miguel Grinberg said 2018-06-27T15:02:49Z

    @Ernie: Not sure, but you need to investigate why the decorated error handlers do not get registered. You can see my version of the code on GitHub, using the link at the top of this article if you need to compare.

  • #61 Miguel Grinberg said 2018-06-27T15:13:51Z

    @Francis: Not sure how I can help. The connection is timing out, so I you must be wrong when you think your connection settings are correct.

  • #62 Dong Tan Nguyen said 2018-07-18T17:12:45Z

    Hi Miguel, Thank you so much for your excellent tutorial blog! I have one question about validate_username() method:

    if user is not None: raise ValidationError('Please use a different username.') At this line, when you raise a validation error, how can flask know that this is a username error but not an about_me error ?

    Thanks!

  • #63 Miguel Grinberg said 2018-07-18T18:37:41Z

    @Dong: it knows it is about the username because the exception was raised while validating that field.

  • #64 Harsh said 2018-07-23T22:10:27Z

    Hi Miguel, thank you for this tutorial. I am facing issue with SMTP debugging server from Python python -m smtpd -n -c DebuggingServer localhost:8025 when I enter this in my terminal, nothing happens. I couldn't find any related info on Google so thought of asking you.

  • #65 Miguel Grinberg said 2018-07-24T21:01:23Z

    @Harsh: did you try sending an email after you started the debugging SMTP server?

  • #66 ryan said 2018-07-28T18:23:51Z

    Hi,

    You've really laid out the documentation quite well and I'm thoroughly enjoying learning Flask from the ground up.

    I am unable to get receive emails from or log errors. I've tried with both a gmail account and a local mail server. I don't find any difference in our code. And at this time, when I change the name in the edit profile sections, it does not throw an error.

    Also, Flask shell is not working for me and I don't know if it's related or not. Thanks in advance!

  • #67 Miguel Grinberg said 2018-07-30T20:47:17Z

    @ryan: first, make sure you have the FLASK_APP environment variable set, as indicated in chapter 1. Then, try the SMTP development server to see if emails are sent that way.

  • #68 eli said 2018-08-02T11:37:11Z

    thanks for your great tutorial! I have study flask many times by reading the flask official tutorial or some other flask tutorials. it's easy to follow their procedure to write code but it's hard to understand why they are doing like this. Your explain everything so clear and for the first time I exactly understand every detail.

    but for this chapter I am not very sure about 1 point, in class EditProfileForm:

    def validate_username(self, username): if username.data != self.original_username: user = User.query.filter_by(username=self.username.data).first() if user is not None: raise ValidationError('Please use a different username.')

    I just want to make sure, the "self.username.data" in line 3, it is actually the data from "username" field, the modified "username", right?

    so "self.username.data" in line 3 is the same with "username.data" in line 2, right?

    if I am right, please tell me why you are using "self.username" here, not "username" itself? if i am wrong, please also tell me the reason.

    thanks very much!

  • #69 Miguel Grinberg said 2018-08-04T07:46:10Z

    @eli: You are correct, in this context, the username argument is the same as self.username.

  • #70 okovko said 2018-08-13T02:20:41Z

    Here's how I set up mail on Ubuntu 18.04 and OSX High Sierra (took a while to figure out for Mac)

    https://myaccount.google.com/ 2 factor authentication needs to be set up Click "Signing into Google" Click "App passwords" Select "Mail" and "other", maybe name it "msmtp" Generate the msmtp password and save it somewhere

    UBUNTU: sudo apt-get install mailutils sudo apt-get install msmtp sudo apt-get install msmtp-mta

    OSX: sudo brew install mailutils sudo brew install msmtp echo "set sendmail=/usr/bin/msmtp" | sudo tee -a /etc/mail.rc

    write this to ~/.msmtprc defaults auth on tls on

    FOR UBUNTU ONLY: tls_trust_file /etc/ssl/certs/ca-certificates.crt

    logfile ~/.msmtp.log account gmail host smtp.gmail.com port 587 from you@mail.com user you password the-one-you-generated-earlier account default: gmail

    OSX ONLY: { echo -n "tls_fingerprint & msmtp --serverinfo --tls --tls-certcheck=off --host=smtp.gmail.com --port=587 | grep -e "SHA256" | tr -s ' ' | cut -c10- ;} >> ~/.msmtprc

    append to ~/.$(basename $SHELL)rc export MAIL_SERVER = smtp.gmail.com export MAIL_PORT = 587 export MAIL_USE_TLS = True export MAIL_USE_SSL = False export MAIL_USERNAME = you@mail.com export MAIL_PASSWORD = the-one-you-generated-earlier

    append this to ____/microblog/.flaskenv export MAIL_SERVER = localhost export MAIL_PORT = 8025

  • #71 okovko said 2018-08-17T00:09:52Z

    I wish you had a search comments feature. I'm not sure if someone has asked this, but in app/init.py, you write

    if app.config['MAIL_USERNAME'] or app.config['MAIL_PASSWORD']: auth = (app.config['MAIL_USERNAME'], app.config['MAIL_PASSWORD'])

    Shouldn't this be

    if _ and _:

    instead of

    if _ or _:

    It does not make sense to me to proceed with making an auth tuple unless there is both a username and a password available

  • #72 Miguel Grinberg said 2018-08-17T07:18:41Z

    @okovko: in some cases authentication is given as a single value, a token. This token can be given in the username or password field, depending on each case. The OR in this case covers for those unusual auth mechanisms. If you don't like it, there is absolutely no problem if you change the condition to AND.

  • #73 Max said 2018-08-23T14:26:29Z

    Dear Miguel! Thanks for the tutorial and all the other blog posts. I also have a question regarding the OOP-Patern you are using. I used another approach:

    from flask_login import current_user

    ... def validate_username(self, username): if username.data != current_user.username: user = User.query.filter_by(username=username.data).first() if user is not None: raise ValidationError('Please use a different username')

    It works just fine and for me it is cleaner. But is there a catch I'm not seeing?

    PS: I hope enough ppl are buying your course in order for you to keep on producing (maybe another course)

  • #74 Avi said 2018-08-25T02:02:49Z

    Can you please explain how below code works?

    def init(self, original_username, *args, kwargs): super(EditProfileForm, self).__init__(*args, kwargs) self.original_username = original_username

  • #75 Miguel Grinberg said 2018-08-25T10:47:08Z

    @Max: well, there is nothing wrong with your approach, other than this form now depends on the Flask-Login extension. If you ever take this form to another project that doesn't use Flask-Login then it won't work. My solution is better (in my opinion) because it does not create a dependency between the two extensions. It's not a huge deal, by the way, if you like your solution better, then by all means use it!

Leave a Comment