I have a WTFforms "user add" form which takes common attributes for a user and commits them to a database. The values of these html form fields are being populated on page load when not desired.
I have not set any jinja code to set the fields and in the route for this page I have not passed a user to the render_template call.
The fields of the user form and the user class are very similar as you would expect
User Object
class User(UserMixin, db.Model):
id = db.Column(db.Integer, primary_key=True)
firstname = db.Column(db.String(64), index=True, unique=False)
surname = db.Column(db.String(64), index=True, unique=False)
email = db.Column(db.String(120), index=True, unique=True)
password_hash = db.Column(db.String(128))
num_records_added = db.Column(db.Integer, unique=False, default=0)
num_records_edited = db.Column(db.Integer, unique=False, default=0)
role = db.Column(db.String(20), index=False, unique=False, default='Editor')
User form
class AddUserForm(FlaskForm):
firstname = StringField('First name', validators=[DataRequired()])
surname = StringField('Surname', validators=[DataRequired()])
email = StringField('Email address', validators=[DataRequired(), Email()])
role = SelectField('Role', choices=[], validators=[DataRequired()])
password = PasswordField('password', validators=[DataRequired()])
num_records_added = IntegerField('Number of Records Added')
submit = SubmitField('Submit')
My assumption is that there is interaction between the logged in user via flask_login and the form because they share similar atributes/fields.
To prove this I modified the form so that each field has a trailing "_" as part of it's name and updated the route/template to work with this new naming style and the problem goes away.
Can someone explain what is happening here and what is the correct approach to avoiding this problem?
