405 错误：请求的 URL 不允许该方法

Posted 2023-03-03

【中文标题】405 错误：请求的 URL 不允许该方法

【英文标题】：405 Error: The method is not allowed for the requested URL

【发布时间】：2020-03-05 23:52:43

【问题描述】：

我一直在尝试为我的网站编写重置密码。但是，我一直遇到 405 错误。谷歌说这很可能是客户端错误，但我认为我的 html 很好。我不确定还有什么可能导致错误。

我试过在没有内容的情况下测试 url，但这也不起作用。

routes.py

def send_reset_email(user):
    token = user.get_reset_token()
    msg = Message('Password Reset Request', sender='noreply@clubsapp.com', recipients=[user.email])
    msg.body = f'''To reset your password, visit the following link:
url_for('reset_token', token=token, _external=True)

If you did not make this request then simply ignore this email and no change will be made.
'''
    mail.send(msg)

@users.route('/reset_request', methods=['GET, POST'])
def reset_request():
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))
    form = RequestResetForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        send_reset_email(user)
        flash('An email has been sent with instructions to reset your password', 'info')
        return redirect(url_for('users.login'))
    return render_template('reset_request.html', title='Reset Password', form=form)

@users.route('/reset_password/<token>', methods=['GET, POST'])
def reset_token(token):
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))
    user = User.verify_reset_token(token)
    if user is None:
        flash('That is an invalid or expired token', 'warning')
        return redirect(url_for('reset_request'))
    form = ResetPasswordForm()
    if form.validate_on_submit():
        hashed_password = bcrypt.generate_password_hash(form.password.data).decode('utf-8')
        user.password = hashed_password
        db.session.commit()
        flash(f'Your password has been updated, you are now able to log in!', 'success')
        return redirect(url_for('users.login'))
    return render_template('reset_token.html', title='Reset Password', form=form)

forms.py

class RequestResetForm(FlaskForm):
    email = StringField('Email', 
        validators=[DataRequired(), Email()],
        render_kw="placeholder":"Enter Email")
    submit = SubmitField('Request Password Reset')

    def validate_email(self, email):
        user = User.query.filter_by(email=email.data).first()     
        if user is None:
            raise ValidationError('There is no account with that email. You must register first.')

class ResetPasswordForm(FlaskForm):
    password = PasswordField('Password', 
        validators=[DataRequired(), EqualTo('confirm_password', message='Passwords Must Match')],
        render_kw="placeholder":"Create Password")
    confirm_password = PasswordField('Confirm Password', 
        validators=[DataRequired(), EqualTo('password', message='Passwords Must Match')],
        render_kw="placeholder":"Confirm Password")
    submit = SubmitField('Reset Password')

models.py

class User(db.Model, UserMixin):
    id = db.Column(db.Integer, primary_key=True)
    firstname = db.Column(db.String(15), nullable=False)
    lastname = db.Column(db.String(15), nullable=False)
    email = db.Column(db.String(60), unique=True, nullable=False)
    password = db.Column(db.String(60), nullable=False)
    role = db.Column(db.Integer(), nullable=False, default=ROLES['student'])
    clubs = db.relationship('Club', secondary=user_club_assoc_table)

    def get_reset_token(self, expires_sec=1800):
        s = Serializer(app.config['SECRET_KEY'], expires_sec)
        return s.dumps('user_id': self.id)

    @staticmethod
    def verify_reset_token(token):
        s = Serializer(app.config['SECRET_KEY'])
        try:
            user_id = s.loads(token)['user_id']
        except:
            return None
        return User.query.get(user_id)

    def __repr__(self):
        return f'self.firstname self.lastname'

login.html

% extends "layout.html" %
% block content %
<h1>Login Page</h1>
<div class="content-section">
    <form method="POST" action="">
         form.hidden_tag() 
        <fieldset class="form-group">
            <legend class="border-bottom mb-4">Login</legend>
            ...(irrelevant content)
<div class="border-top pt-3">
    <small class="text-muted">
        <a class="ml-2" href=" url_for('users.register') ">Don't Have An Account?</a>
    </small>
    <small class="text-muted ml-2">
        <a class="ml-2" href=" url_for('users.reset_request') ">Forgot Password?</a>
    </small>
</div>
% endblock content %

【问题讨论】：

请包含 Flask 日志中的相关行。

【参考方案1】：

这是一个简单的错误。不是methods=['GET, POST']。

改成

methods=['GET', 'POST']

Docs

HTTP 方法

Web 应用程序在访问 URL 时使用不同的 HTTP 方法。你 在使用时应该熟悉 HTTP 方法 烧瓶。默认情况下，路由只响应 GET 请求。您可以使用 route() 装饰器的方法参数来处理不同的 HTTP 方法。

from flask import request

@app.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'POST':
        return do_the_login()
    else:
        return show_the_login_form()