I'm creating a site using the Flask framework, and am implementing a confirmation page for (mainly administrative) actions; i.e. deleting a user.
My current method (detailed below) works, but feels quite clunky and seems like a huge amount of work for a simple task. Is there a more optimal solution to this?
Currently I have a route to initiate the action:
@admin.route('/user/<int:user_id>/delete', methods=['GET'])
@login_required
@admin_required
def del_user(user_id):
user = User.query.get_or_404(user_id)
desc = "delete"
subject = user.username
action = 'admin.do_del_user'
next = url_for('admin.get_user', user_id=user.id)
return redirect(url_for('main._confirm', desc=desc, subject=subject, action=action, next=next, user_id=user.id))
Which redirects over to the confirm route:
@main.route('/confirm', methods=['GET', 'POST'])
def _confirm():
form = Confirm()
kwargs = {}
for arg in request.args:
if arg != 'action' or arg != 'desc' or arg != 'subject':
kwargs[arg] = request.args[arg]
action = request.args.get('action')
desc = request.args.get('desc')
subject = request.args.get('subject')
if action is None:
abort(404)
if form.validate_on_submit():
return redirect(url_for(action, confirm=form.confirm.data, **kwargs))
return render_template('_confirm.html', form=form, desc=desc, subject=subject)
Which then redirects again to do the actual action after validating the confirmation form:
@admin.route('/user/<int:user_id>/do_delete', methods=['GET'])
@login_required
@admin_required
def do_del_user(user_id):
confirm = request.args.get('confirm')
next = request.args.get('next')
if confirm:
user = User.query.get_or_404(user_id)
db.session.delete(user)
db.session.commit()
return redirect(next)
I hope that makes sense! Just to note, desc and subject are passed for the confirmation template, and the kwargs is just to catch anything url_for() needs in building the urls.
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…