0

I am currently trying to build a web based authentication system for users of a website. This is my HTML-login-form:

<form action="/auth" method="post" class="pure-form pure-form-stacked">
    <fieldset>
        <legend>Login</legend>
        <label for="username">Username</label>
        <input id="username" type="username" placeholder="Username">

        <label for="password">Password</label>
        <input id="password" type="password" placeholder="Password">

        <button type="submit" class="pure-button pure-button-primary">
            Login
        </button>
    </fieldset>
</form>

Usually I was expecting it to send a request to the server, with both credentials inside the request body, so my /auth route can check them. But the parser for Post-methods which I use doesn't seem to find anything inside the request body. This is my request-parser (the part of it where it checks for post-parameters:

class Request:
    """
    http request data.
    """

    def __init__(self):
        self.headers = {}
        self.method = None
        self.protocol = None
        self.resource = None
        self.path = None
        self.params = {}
        self.origin = None  # will be set from server

    def parse(self, conn):
        """Parses an http-Request and return a dictionary with process_request line values and headers."""
        self.headers = {}

        # read process_request line
        request_line = conn.readline().decode('utf-8').strip()
        log(1, "Request-Line: %s" % request_line)
        if not request_line:  # rfc says "server SHOULD ignore blank request lines"
            return None

        # parse process_request line
        try:
            self.method, self.resource, self.protocol = request_line.split(" ")
        except ValueError:
            raise StopProcessing(400, "Bad request-line: %s\n" % request_line)

        # parse resource to path and params
        # extract GET parameters
        from urllib.parse import urlparse, parse_qs # analyse urls and parse query strings
        requrl = urlparse(self.resource)
        self.path = requrl.path
        self.params.update(parse_qs(requrl.query))

        # read and parse Request-Headers
        while True:
            header_line = conn.readline().decode('utf-8').strip()
            if not header_line:
                break
            log(2, "Header-Line: " + header_line)
            (headerfield, headervalue) = header_line.split(":", 1)
            self.headers[headerfield.strip()] = headervalue.strip()

        # read cookies
        if 'Cookie' in self.headers:
            log(2, "Cookie ist: %s" % self.headers['Cookie'])
            self.cookies = Cookie.parse(self.headers['Cookie'])
        else:
            self.cookies = {}

        # parse POST parameters
        log(1,"Methode %s" % self.method)
        if self.method == 'POST' or self.method == 'post':
            postbody = conn.read(int(self.headers['Content-Length'])).decode('utf-8')
            self.params.update(parse_qs(postbody))

        # all parameter values are lists
        # replace lists by the only element if there is only one
        for key in self.params:
            if len(self.params[key])==1:
                self.params[key] = self.params[key][0]

        return self.headers

I added some tracing output to the critical passages of the code and what I found was that my parser always returned an empty dictionary {}. What am I missing? There are no add-ons whatsoever used in this framework. it is pure Python.

Improve this question
6
  • Unfortunately, without knowing a little more about the underlying framework, we'll not be able to help. Is this Flask? Django? Commented Dec 10, 2017 at 13:05
  • it is pure python used in the framework. No add ons at all. Thanks for the hin, I will update my question! Commented Dec 10, 2017 at 13:06
  • What is parse_qs? What is conn? How is self.method set? Why does self.method support lower-case and upper-case method names? Commented Dec 10, 2017 at 13:19
  • I will add the whole implementation code of my request-class to the question Commented Dec 10, 2017 at 13:21
  • 1
    @AlexanderTepe, you are right - your parser finds no data. Form fields are identified by 'name' attribute, not 'id'. Try <input name="username" type="username" placeholder="Username"> and <input name="password" type="password" placeholder="Password"> Note using 'name' attribute. Commented Dec 10, 2017 at 13:49

1 Answer 1

Reset to default
1

You need to set a name attribute on the form inputs, the id does not identify the inputs on the form.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Oops, looks like @PakUula beat me to the answer, just in a comment.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.