1

I would like to make a post request sending a username and password to a page named showInternal; I currently accomplish this via:

username = "johnsmith"
password = "password1234"
return redirect(url_for('showInternal', username=username, password=password))

for the redirect and

@app.route('/internal', methods=['GET'])
@login_required
def showInternal():
    return render_template('internal.html')

for the destination page. This sorta works in the sense that it takes me to /internal?password=password1234&username=johnsmith.

However, I don't want to show the user's username and password in the url. I've tried replacing the phrase methods=['GET'] with methods=['POST'] but then I get an error about that method not being allowed, and the data stays in the url anyhow.

How can I pass these data without it showing up in the url?

Everyone_Else
  • 3,206
  • 4
  • 32
  • 55
  • You can't redirect to a POST, so the way I would do it is via a session. – sberry Aug 18 '16 at 01:16
  • 1
    Wait, of course you can redirect with a post - see here: http://stackoverflow.com/q/15473626/3238611 – Everyone_Else Aug 18 '16 at 01:18
  • 1
    I thought you were trying to redirect a GET to a POST, misread. I don't believe a GET to a POST is honored by any clients and don't know how that would be done unless the original request included a body. – sberry Aug 18 '16 at 01:26
  • I need one view to make sure the username/password are good, and I need them in the other because flask's @login_required needs a request object with the fields. For that reason, I also can't just call the function unless they're some way to do so while including a request. – Everyone_Else Aug 18 '16 at 02:04

1 Answers1

0

Import the JSON and requests module: import json, request

Use the request module to send a post request:

requests.post('<full-url>', data=json.dumps({'username': 'johnsmith', 'password': 'password1234'}))

Then edit your route:

@app.route('/internal', methods=['POST'])
Derick Alangi
  • 1,080
  • 1
  • 11
  • 31