Simplify login form a bit

flask_security/forms.py

@@ -42,8 +42,9 @@ def valid_user_email(form, field):
 
 class Form(BaseForm):
     def __init__(self, *args, **kwargs):
-        super(Form, self).__init__(csrf_enabled=not current_app.testing,
-                                   *args, **kwargs)
+        kwargs.setdefault('csrf_enabled', not current_app.testing)
+        super(Form, self).__init__(*args, **kwargs)
+
 
 class EmailFormMixin():
     email = TextField("Email Address",
@@ -133,7 +134,7 @@ class PasswordlessLoginForm(Form, UserEmailFormMixin):
 
 class LoginForm(Form, NextFormMixin):
     """The default login form"""
-    email = TextField('Email Address', validators=[Email()])
+    email = TextField('Email Address')
     password = PasswordField('Password')
     remember = BooleanField("Remember Me")
     submit = SubmitField("Login")
@@ -142,8 +143,16 @@ class LoginForm(Form, NextFormMixin):
         super(LoginForm, self).__init__(*args, **kwargs)
 
     def validate(self):
-        if not super(LoginForm, self).validate():
+        super(LoginForm, self).validate()
+
+        if self.email.data.strip() == '':
+            self.email.errors.append('Email not provided')
             return False
+
+        if self.password.data.strip() == '':
+            self.email.errors.append('Password not provided')
+            return False
+
         self.user = _datastore.find_user(email=self.email.data)
 
         if self.user is None:

flask_security/script.py

@@ -43,7 +43,6 @@ class CreateUserCommand(Command):
         Option('-e', '--email',    dest='email',    default=None),
         Option('-p', '--password', dest='password', default=None),
         Option('-a', '--active',   dest='active',   default=''),
-        Option('-r', '--roles',    dest='roles',    default=''),
     )
 
     @commit
@@ -52,16 +51,20 @@ class CreateUserCommand(Command):
         ai = re.sub(r'\s', '', str(kwargs['active']))
         kwargs['active'] = ai.lower() in ['', 'y', 'yes', '1', 'active']
 
-        # sanitize role input a bit
-        ri = re.sub(r'\s', '', kwargs['roles'])
-        kwargs['roles'] = [] if ri == '' else ri.split(',')
-        kwargs['password'] = encrypt_password(kwargs['password'])
+        from flask_security.forms import ConfirmRegisterForm
+        from werkzeug.datastructures import MultiDict
 
-        _datastore.create_user(**kwargs)
+        form = ConfirmRegisterForm(MultiDict(kwargs), csrf_enabled=False)
 
-        print 'User created successfully.'
-        kwargs['password'] = '****'
-        pprint(kwargs)
+        if form.validate():
+            kwargs['password'] = encrypt_password(kwargs['password'])
+            _datastore.create_user(**kwargs)
+            print 'User created successfully.'
+            kwargs['password'] = '****'
+            pprint(kwargs)
+        else:
+            print 'Error creating user'
+            pprint(form.errors)
 
 
 class CreateRoleCommand(Command):

tests/functional_tests.py

@@ -49,10 +49,6 @@ class DefaultSecurityTests(SecurityTest):
         r = self.authenticate(password="")
         self.assertIn("Password not provided", r.data)
 
-    def test_invalid_email(self):
-        r = self.authenticate(email="bogus")
-        self.assertIn("Invalid email address", r.data)
-
     def test_invalid_user(self):
         r = self.authenticate(email="bogus@bogus.com")
         self.assertIn("Specified user does not exist", r.data)