Merge branch 'security-hardening' into 'master'

Security hardening

See merge request control/matcsh!1

Pipfile

@@ -4,6 +4,8 @@ verify_ssl = true
 name = "pypi"
 
 [packages]
+flask-wtf = "*"
+werkzeug = "==2.0.0"
 
 [dev-packages]
 flask = "*"

Pipfile.lock

@@ -1,7 +1,7 @@
 {
     "_meta": {
         "hash": {
-            "sha256": "537b5db6d310b6f4cc2ae3a6bf4d5cace0e35b4a4e7639d5e542c41cc094ce10"
+            "sha256": "6dbbbf008a3e1bddce329bc39292f3782f8f2167173bed85925bf37e4f9a2cdc"
         },
         "pipfile-spec": 6,
         "requires": {
@@ -15,31 +15,150 @@
             }
         ]
     },
-    "default": {},
-    "develop": {
+    "default": {
         "click": {
             "hashes": [
-                "sha256:6a7a62563bbfabfda3a38f3023a1db4a35978c0abd76f6c9605ecd6554d6d9b1",
-                "sha256:8458d7b1287c5fb128c90e23381cf99dcde74beaf6c7ff6384ce84d6fe090adb"
+                "sha256:24e1a4a9ec5bf6299411369b208c1df2188d9eb8d916302fe6bf03faed227f1e",
+                "sha256:479707fe14d9ec9a0757618b7a100a0ae4c4e236fac5b7f80ca68028141a1a72"
             ],
-            "markers": "python_version >= '3.6'",
-            "version": "==8.0.4"
+            "markers": "python_version >= '3.7'",
+            "version": "==8.1.2"
         },
         "flask": {
             "hashes": [
-                "sha256:59da8a3170004800a2837844bfa84d49b022550616070f7cb1a659682b2e7c9f",
-                "sha256:e1120c228ca2f553b470df4a5fa927ab66258467526069981b3eb0a91902687d"
+                "sha256:8a4cf32d904cf5621db9f0c9fbcd7efabf3003f22a04e4d0ce790c7137ec5264",
+                "sha256:a8c9bd3e558ec99646d177a9739c41df1ded0629480b4c8d2975412f3c9519c8"
+            ],
+            "markers": "python_version >= '3.7'",
+            "version": "==2.1.1"
+        },
+        "flask-wtf": {
+            "hashes": [
+                "sha256:34fe5c6fee0f69b50e30f81a3b7ea16aa1492a771fe9ad0974d164610c09a6c9",
+                "sha256:9d733658c80be551ce7d5bc13c7a7ac0d80df509be1e23827c847d9520f4359a"
+            ],
+            "index": "pypi",
+            "version": "==1.0.1"
+        },
+        "importlib-metadata": {
+            "hashes": [
+                "sha256:1208431ca90a8cca1a6b8af391bb53c1a2db74e5d1cef6ddced95d4b2062edc6",
+                "sha256:ea4c597ebf37142f827b8f39299579e31685c31d3a438b59f469406afd0f2539"
+            ],
+            "markers": "python_version < '3.10'",
+            "version": "==4.11.3"
+        },
+        "itsdangerous": {
+            "hashes": [
+                "sha256:2c2349112351b88699d8d4b6b075022c0808887cb7ad10069318a8b0bc88db44",
+                "sha256:5dbbc68b317e5e42f327f9021763545dc3fc3bfe22e6deb96aaf1fc38874156a"
+            ],
+            "markers": "python_version >= '3.7'",
+            "version": "==2.1.2"
+        },
+        "jinja2": {
+            "hashes": [
+                "sha256:539835f51a74a69f41b848a9645dbdc35b4f20a3b601e2d9a7e22947b15ff119",
+                "sha256:640bed4bb501cbd17194b3cace1dc2126f5b619cf068a726b98192a0fde74ae9"
+            ],
+            "markers": "python_version >= '3.7'",
+            "version": "==3.1.1"
+        },
+        "markupsafe": {
+            "hashes": [
+                "sha256:0212a68688482dc52b2d45013df70d169f542b7394fc744c02a57374a4207003",
+                "sha256:089cf3dbf0cd6c100f02945abeb18484bd1ee57a079aefd52cffd17fba910b88",
+                "sha256:10c1bfff05d95783da83491be968e8fe789263689c02724e0c691933c52994f5",
+                "sha256:33b74d289bd2f5e527beadcaa3f401e0df0a89927c1559c8566c066fa4248ab7",
+                "sha256:3799351e2336dc91ea70b034983ee71cf2f9533cdff7c14c90ea126bfd95d65a",
+                "sha256:3ce11ee3f23f79dbd06fb3d63e2f6af7b12db1d46932fe7bd8afa259a5996603",
+                "sha256:421be9fbf0ffe9ffd7a378aafebbf6f4602d564d34be190fc19a193232fd12b1",
+                "sha256:43093fb83d8343aac0b1baa75516da6092f58f41200907ef92448ecab8825135",
+                "sha256:46d00d6cfecdde84d40e572d63735ef81423ad31184100411e6e3388d405e247",
+                "sha256:4a33dea2b688b3190ee12bd7cfa29d39c9ed176bda40bfa11099a3ce5d3a7ac6",
+                "sha256:4b9fe39a2ccc108a4accc2676e77da025ce383c108593d65cc909add5c3bd601",
+                "sha256:56442863ed2b06d19c37f94d999035e15ee982988920e12a5b4ba29b62ad1f77",
+                "sha256:671cd1187ed5e62818414afe79ed29da836dde67166a9fac6d435873c44fdd02",
+                "sha256:694deca8d702d5db21ec83983ce0bb4b26a578e71fbdbd4fdcd387daa90e4d5e",
+                "sha256:6a074d34ee7a5ce3effbc526b7083ec9731bb3cbf921bbe1d3005d4d2bdb3a63",
+                "sha256:6d0072fea50feec76a4c418096652f2c3238eaa014b2f94aeb1d56a66b41403f",
+                "sha256:6fbf47b5d3728c6aea2abb0589b5d30459e369baa772e0f37a0320185e87c980",
+                "sha256:7f91197cc9e48f989d12e4e6fbc46495c446636dfc81b9ccf50bb0ec74b91d4b",
+                "sha256:86b1f75c4e7c2ac2ccdaec2b9022845dbb81880ca318bb7a0a01fbf7813e3812",
+                "sha256:8dc1c72a69aa7e082593c4a203dcf94ddb74bb5c8a731e4e1eb68d031e8498ff",
+                "sha256:8e3dcf21f367459434c18e71b2a9532d96547aef8a871872a5bd69a715c15f96",
+                "sha256:8e576a51ad59e4bfaac456023a78f6b5e6e7651dcd383bcc3e18d06f9b55d6d1",
+                "sha256:96e37a3dc86e80bf81758c152fe66dbf60ed5eca3d26305edf01892257049925",
+                "sha256:97a68e6ada378df82bc9f16b800ab77cbf4b2fada0081794318520138c088e4a",
+                "sha256:99a2a507ed3ac881b975a2976d59f38c19386d128e7a9a18b7df6fff1fd4c1d6",
+                "sha256:a49907dd8420c5685cfa064a1335b6754b74541bbb3706c259c02ed65b644b3e",
+                "sha256:b09bf97215625a311f669476f44b8b318b075847b49316d3e28c08e41a7a573f",
+                "sha256:b7bd98b796e2b6553da7225aeb61f447f80a1ca64f41d83612e6139ca5213aa4",
+                "sha256:b87db4360013327109564f0e591bd2a3b318547bcef31b468a92ee504d07ae4f",
+                "sha256:bcb3ed405ed3222f9904899563d6fc492ff75cce56cba05e32eff40e6acbeaa3",
+                "sha256:d4306c36ca495956b6d568d276ac11fdd9c30a36f1b6eb928070dc5360b22e1c",
+                "sha256:d5ee4f386140395a2c818d149221149c54849dfcfcb9f1debfe07a8b8bd63f9a",
+                "sha256:dda30ba7e87fbbb7eab1ec9f58678558fd9a6b8b853530e176eabd064da81417",
+                "sha256:e04e26803c9c3851c931eac40c695602c6295b8d432cbe78609649ad9bd2da8a",
+                "sha256:e1c0b87e09fa55a220f058d1d49d3fb8df88fbfab58558f1198e08c1e1de842a",
+                "sha256:e72591e9ecd94d7feb70c1cbd7be7b3ebea3f548870aa91e2732960fa4d57a37",
+                "sha256:e8c843bbcda3a2f1e3c2ab25913c80a3c5376cd00c6e8c4a86a89a28c8dc5452",
+                "sha256:efc1913fd2ca4f334418481c7e595c00aad186563bbc1ec76067848c7ca0a933",
+                "sha256:f121a1420d4e173a5d96e47e9a0c0dcff965afdf1626d28de1460815f7c4ee7a",
+                "sha256:fc7b548b17d238737688817ab67deebb30e8073c95749d55538ed473130ec0c7"
+            ],
+            "markers": "python_version >= '3.7'",
+            "version": "==2.1.1"
+        },
+        "werkzeug": {
+            "hashes": [
+                "sha256:3389bbfe6d40c6dd25e6d3f974155163c8b3de5bbda6a89342d4ab93fae80ba0",
+                "sha256:64c02f6495ba01eddd6625b3675f357cd358a73f1e38458a56ad86c5baa30b53"
             ],
             "index": "pypi",
-            "version": "==2.0.3"
+            "version": "==2.0.0"
+        },
+        "wtforms": {
+            "hashes": [
+                "sha256:6b351bbb12dd58af57ffef05bc78425d08d1914e0fd68ee14143b7ade023c5bc",
+                "sha256:837f2f0e0ca79481b92884962b914eba4e72b7a2daaf1f939c890ed0124b834b"
+            ],
+            "markers": "python_version >= '3.7'",
+            "version": "==3.0.1"
+        },
+        "zipp": {
+            "hashes": [
+                "sha256:56bf8aadb83c24db6c4b577e13de374ccfb67da2078beba1d037c17980bf43ad",
+                "sha256:c4f6e5bbf48e74f7a38e7cc5b0480ff42b0ae5178957d564d18932525d5cf099"
+            ],
+            "markers": "python_version >= '3.7'",
+            "version": "==3.8.0"
+        }
+    },
+    "develop": {
+        "click": {
+            "hashes": [
+                "sha256:24e1a4a9ec5bf6299411369b208c1df2188d9eb8d916302fe6bf03faed227f1e",
+                "sha256:479707fe14d9ec9a0757618b7a100a0ae4c4e236fac5b7f80ca68028141a1a72"
+            ],
+            "markers": "python_version >= '3.7'",
+            "version": "==8.1.2"
+        },
+        "flask": {
+            "hashes": [
+                "sha256:8a4cf32d904cf5621db9f0c9fbcd7efabf3003f22a04e4d0ce790c7137ec5264",
+                "sha256:a8c9bd3e558ec99646d177a9739c41df1ded0629480b4c8d2975412f3c9519c8"
+            ],
+            "markers": "python_version >= '3.7'",
+            "version": "==2.1.1"
         },
         "flask-login": {
             "hashes": [
-                "sha256:6d33aef15b5bcead780acc339464aae8a6e28f13c90d8b1cf9de8b549d1c0b4b",
-                "sha256:7451b5001e17837ba58945aead261ba425fdf7b4f0448777e597ddab39f4fba0"
+                "sha256:5cb01ce4dc253967b6ac722a11e46de83b6272ef7a19cc7b5725ae636916d04d",
+                "sha256:aa84fcfb4c3cf09ca58c08e816b7bce73f1349ba1cf13d00d8dffc5872d5fcf6"
             ],
             "index": "pypi",
-            "version": "==0.5.0"
+            "version": "==0.6.0"
         },
         "flask-sqlalchemy": {
             "hashes": [
@@ -118,124 +237,141 @@
             "index": "pypi",
             "version": "==20.1.0"
         },
+        "importlib-metadata": {
+            "hashes": [
+                "sha256:1208431ca90a8cca1a6b8af391bb53c1a2db74e5d1cef6ddced95d4b2062edc6",
+                "sha256:ea4c597ebf37142f827b8f39299579e31685c31d3a438b59f469406afd0f2539"
+            ],
+            "markers": "python_version < '3.10'",
+            "version": "==4.11.3"
+        },
         "itsdangerous": {
             "hashes": [
-                "sha256:7b7d3023cd35d9cb0c1fd91392f8c95c6fa02c59bf8ad64b8849be3401b95afb",
-                "sha256:935642cd4b987cdbee7210080004033af76306757ff8b4c0a506a4b6e06f02cf"
+                "sha256:2c2349112351b88699d8d4b6b075022c0808887cb7ad10069318a8b0bc88db44",
+                "sha256:5dbbc68b317e5e42f327f9021763545dc3fc3bfe22e6deb96aaf1fc38874156a"
             ],
             "markers": "python_version >= '3.7'",
-            "version": "==2.1.1"
+            "version": "==2.1.2"
         },
         "jinja2": {
             "hashes": [
-                "sha256:077ce6014f7b40d03b47d1f1ca4b0fc8328a692bd284016f806ed0eaca390ad8",
-                "sha256:611bb273cd68f3b993fabdc4064fc858c5b47a973cb5aa7999ec1ba405c87cd7"
+                "sha256:539835f51a74a69f41b848a9645dbdc35b4f20a3b601e2d9a7e22947b15ff119",
+                "sha256:640bed4bb501cbd17194b3cace1dc2126f5b619cf068a726b98192a0fde74ae9"
             ],
-            "markers": "python_version >= '3.6'",
-            "version": "==3.0.3"
+            "markers": "python_version >= '3.7'",
+            "version": "==3.1.1"
         },
         "markupsafe": {
             "hashes": [
-                "sha256:023af8c54fe63530545f70dd2a2a7eed18d07a9a77b94e8bf1e2ff7f252db9a3",
-                "sha256:09c86c9643cceb1d87ca08cdc30160d1b7ab49a8a21564868921959bd16441b8",
-                "sha256:142119fb14a1ef6d758912b25c4e803c3ff66920635c44078666fe7cc3f8f759",
-                "sha256:1d1fb9b2eec3c9714dd936860850300b51dbaa37404209c8d4cb66547884b7ed",
-                "sha256:204730fd5fe2fe3b1e9ccadb2bd18ba8712b111dcabce185af0b3b5285a7c989",
-                "sha256:24c3be29abb6b34052fd26fc7a8e0a49b1ee9d282e3665e8ad09a0a68faee5b3",
-                "sha256:290b02bab3c9e216da57c1d11d2ba73a9f73a614bbdcc027d299a60cdfabb11a",
-                "sha256:3028252424c72b2602a323f70fbf50aa80a5d3aa616ea6add4ba21ae9cc9da4c",
-                "sha256:30c653fde75a6e5eb814d2a0a89378f83d1d3f502ab710904ee585c38888816c",
-                "sha256:3cace1837bc84e63b3fd2dfce37f08f8c18aeb81ef5cf6bb9b51f625cb4e6cd8",
-                "sha256:4056f752015dfa9828dce3140dbadd543b555afb3252507348c493def166d454",
-                "sha256:454ffc1cbb75227d15667c09f164a0099159da0c1f3d2636aa648f12675491ad",
-                "sha256:598b65d74615c021423bd45c2bc5e9b59539c875a9bdb7e5f2a6b92dfcfc268d",
-                "sha256:599941da468f2cf22bf90a84f6e2a65524e87be2fce844f96f2dd9a6c9d1e635",
-                "sha256:5ddea4c352a488b5e1069069f2f501006b1a4362cb906bee9a193ef1245a7a61",
-                "sha256:62c0285e91414f5c8f621a17b69fc0088394ccdaa961ef469e833dbff64bd5ea",
-                "sha256:679cbb78914ab212c49c67ba2c7396dc599a8479de51b9a87b174700abd9ea49",
-                "sha256:6e104c0c2b4cd765b4e83909cde7ec61a1e313f8a75775897db321450e928cce",
-                "sha256:736895a020e31b428b3382a7887bfea96102c529530299f426bf2e636aacec9e",
-                "sha256:75bb36f134883fdbe13d8e63b8675f5f12b80bb6627f7714c7d6c5becf22719f",
-                "sha256:7d2f5d97fcbd004c03df8d8fe2b973fe2b14e7bfeb2cfa012eaa8759ce9a762f",
-                "sha256:80beaf63ddfbc64a0452b841d8036ca0611e049650e20afcb882f5d3c266d65f",
-                "sha256:84ad5e29bf8bab3ad70fd707d3c05524862bddc54dc040982b0dbcff36481de7",
-                "sha256:8da5924cb1f9064589767b0f3fc39d03e3d0fb5aa29e0cb21d43106519bd624a",
-                "sha256:961eb86e5be7d0973789f30ebcf6caab60b844203f4396ece27310295a6082c7",
-                "sha256:96de1932237abe0a13ba68b63e94113678c379dca45afa040a17b6e1ad7ed076",
-                "sha256:a0a0abef2ca47b33fb615b491ce31b055ef2430de52c5b3fb19a4042dbc5cadb",
-                "sha256:b2a5a856019d2833c56a3dcac1b80fe795c95f401818ea963594b345929dffa7",
-                "sha256:b8811d48078d1cf2a6863dafb896e68406c5f513048451cd2ded0473133473c7",
-                "sha256:c532d5ab79be0199fa2658e24a02fce8542df196e60665dd322409a03db6a52c",
-                "sha256:d3b64c65328cb4cd252c94f83e66e3d7acf8891e60ebf588d7b493a55a1dbf26",
-                "sha256:d4e702eea4a2903441f2735799d217f4ac1b55f7d8ad96ab7d4e25417cb0827c",
-                "sha256:d5653619b3eb5cbd35bfba3c12d575db2a74d15e0e1c08bf1db788069d410ce8",
-                "sha256:d66624f04de4af8bbf1c7f21cc06649c1c69a7f84109179add573ce35e46d448",
-                "sha256:e67ec74fada3841b8c5f4c4f197bea916025cb9aa3fe5abf7d52b655d042f956",
-                "sha256:e6f7f3f41faffaea6596da86ecc2389672fa949bd035251eab26dc6697451d05",
-                "sha256:f02cf7221d5cd915d7fa58ab64f7ee6dd0f6cddbb48683debf5d04ae9b1c2cc1",
-                "sha256:f0eddfcabd6936558ec020130f932d479930581171368fd728efcfb6ef0dd357",
-                "sha256:fabbe18087c3d33c5824cb145ffca52eccd053061df1d79d4b66dafa5ad2a5ea",
-                "sha256:fc3150f85e2dbcf99e65238c842d1cfe69d3e7649b19864c1cc043213d9cd730"
+                "sha256:0212a68688482dc52b2d45013df70d169f542b7394fc744c02a57374a4207003",
+                "sha256:089cf3dbf0cd6c100f02945abeb18484bd1ee57a079aefd52cffd17fba910b88",
+                "sha256:10c1bfff05d95783da83491be968e8fe789263689c02724e0c691933c52994f5",
+                "sha256:33b74d289bd2f5e527beadcaa3f401e0df0a89927c1559c8566c066fa4248ab7",
+                "sha256:3799351e2336dc91ea70b034983ee71cf2f9533cdff7c14c90ea126bfd95d65a",
+                "sha256:3ce11ee3f23f79dbd06fb3d63e2f6af7b12db1d46932fe7bd8afa259a5996603",
+                "sha256:421be9fbf0ffe9ffd7a378aafebbf6f4602d564d34be190fc19a193232fd12b1",
+                "sha256:43093fb83d8343aac0b1baa75516da6092f58f41200907ef92448ecab8825135",
+                "sha256:46d00d6cfecdde84d40e572d63735ef81423ad31184100411e6e3388d405e247",
+                "sha256:4a33dea2b688b3190ee12bd7cfa29d39c9ed176bda40bfa11099a3ce5d3a7ac6",
+                "sha256:4b9fe39a2ccc108a4accc2676e77da025ce383c108593d65cc909add5c3bd601",
+                "sha256:56442863ed2b06d19c37f94d999035e15ee982988920e12a5b4ba29b62ad1f77",
+                "sha256:671cd1187ed5e62818414afe79ed29da836dde67166a9fac6d435873c44fdd02",
+                "sha256:694deca8d702d5db21ec83983ce0bb4b26a578e71fbdbd4fdcd387daa90e4d5e",
+                "sha256:6a074d34ee7a5ce3effbc526b7083ec9731bb3cbf921bbe1d3005d4d2bdb3a63",
+                "sha256:6d0072fea50feec76a4c418096652f2c3238eaa014b2f94aeb1d56a66b41403f",
+                "sha256:6fbf47b5d3728c6aea2abb0589b5d30459e369baa772e0f37a0320185e87c980",
+                "sha256:7f91197cc9e48f989d12e4e6fbc46495c446636dfc81b9ccf50bb0ec74b91d4b",
+                "sha256:86b1f75c4e7c2ac2ccdaec2b9022845dbb81880ca318bb7a0a01fbf7813e3812",
+                "sha256:8dc1c72a69aa7e082593c4a203dcf94ddb74bb5c8a731e4e1eb68d031e8498ff",
+                "sha256:8e3dcf21f367459434c18e71b2a9532d96547aef8a871872a5bd69a715c15f96",
+                "sha256:8e576a51ad59e4bfaac456023a78f6b5e6e7651dcd383bcc3e18d06f9b55d6d1",
+                "sha256:96e37a3dc86e80bf81758c152fe66dbf60ed5eca3d26305edf01892257049925",
+                "sha256:97a68e6ada378df82bc9f16b800ab77cbf4b2fada0081794318520138c088e4a",
+                "sha256:99a2a507ed3ac881b975a2976d59f38c19386d128e7a9a18b7df6fff1fd4c1d6",
+                "sha256:a49907dd8420c5685cfa064a1335b6754b74541bbb3706c259c02ed65b644b3e",
+                "sha256:b09bf97215625a311f669476f44b8b318b075847b49316d3e28c08e41a7a573f",
+                "sha256:b7bd98b796e2b6553da7225aeb61f447f80a1ca64f41d83612e6139ca5213aa4",
+                "sha256:b87db4360013327109564f0e591bd2a3b318547bcef31b468a92ee504d07ae4f",
+                "sha256:bcb3ed405ed3222f9904899563d6fc492ff75cce56cba05e32eff40e6acbeaa3",
+                "sha256:d4306c36ca495956b6d568d276ac11fdd9c30a36f1b6eb928070dc5360b22e1c",
+                "sha256:d5ee4f386140395a2c818d149221149c54849dfcfcb9f1debfe07a8b8bd63f9a",
+                "sha256:dda30ba7e87fbbb7eab1ec9f58678558fd9a6b8b853530e176eabd064da81417",
+                "sha256:e04e26803c9c3851c931eac40c695602c6295b8d432cbe78609649ad9bd2da8a",
+                "sha256:e1c0b87e09fa55a220f058d1d49d3fb8df88fbfab58558f1198e08c1e1de842a",
+                "sha256:e72591e9ecd94d7feb70c1cbd7be7b3ebea3f548870aa91e2732960fa4d57a37",
+                "sha256:e8c843bbcda3a2f1e3c2ab25913c80a3c5376cd00c6e8c4a86a89a28c8dc5452",
+                "sha256:efc1913fd2ca4f334418481c7e595c00aad186563bbc1ec76067848c7ca0a933",
+                "sha256:f121a1420d4e173a5d96e47e9a0c0dcff965afdf1626d28de1460815f7c4ee7a",
+                "sha256:fc7b548b17d238737688817ab67deebb30e8073c95749d55538ed473130ec0c7"
             ],
             "markers": "python_version >= '3.7'",
-            "version": "==2.1.0"
+            "version": "==2.1.1"
         },
         "setuptools": {
             "hashes": [
-                "sha256:2347b2b432c891a863acadca2da9ac101eae6169b1d3dfee2ec605ecd50dbfe5",
-                "sha256:e4f30b9f84e5ab3decf945113119649fec09c1fc3507c6ebffec75646c56e62b"
+                "sha256:7999cbd87f1b6e1f33bf47efa368b224bed5e27b5ef2c4d46580186cbcb1a86a",
+                "sha256:a65e3802053e99fc64c6b3b29c11132943d5b8c8facbcc461157511546510967"
             ],
             "markers": "python_version >= '3.7'",
-            "version": "==60.9.3"
+            "version": "==62.0.0"
         },
         "sqlalchemy": {
             "hashes": [
-                "sha256:04164e0063feb7aedd9d073db0fd496edb244be40d46ea1f0d8990815e4b8c34",
-                "sha256:159c2f69dd6efd28e894f261ffca1100690f28210f34cfcd70b895e0ea7a64f3",
-                "sha256:199dc6d0068753b6a8c0bd3aceb86a3e782df118260ebc1fa981ea31ee054674",
-                "sha256:1bbac3e8293b34c4403d297e21e8f10d2a57756b75cff101dc62186adec725f5",
-                "sha256:20e9eba7fd86ef52e0df25bea83b8b518dfdf0bce09b336cfe51671f52aaaa3f",
-                "sha256:290cbdf19129ae520d4bdce392648c6fcdbee763bc8f750b53a5ab51880cb9c9",
-                "sha256:316270e5867566376e69a0ac738b863d41396e2b63274616817e1d34156dff0e",
-                "sha256:3f88a4ee192142eeed3fe173f673ea6ab1f5a863810a9d85dbf6c67a9bd08f97",
-                "sha256:4aa96e957141006181ca58e792e900ee511085b8dae06c2d08c00f108280fb8a",
-                "sha256:4b2bcab3a914715d332ca783e9bda13bc570d8b9ef087563210ba63082c18c16",
-                "sha256:576684771456d02e24078047c2567025f2011977aa342063468577d94e194b00",
-                "sha256:5a2e73508f939175363d8a4be9dcdc84cf16a92578d7fa86e6e4ca0e6b3667b2",
-                "sha256:5ba59761c19b800bc2e1c9324da04d35ef51e4ee9621ff37534bc2290d258f71",
-                "sha256:5dc9801ae9884e822ba942ca493642fb50f049c06b6dbe3178691fce48ceb089",
-                "sha256:6fdd2dc5931daab778c2b65b03df6ae68376e028a3098eb624d0909d999885bc",
-                "sha256:708973b5d9e1e441188124aaf13c121e5b03b6054c2df59b32219175a25aa13e",
-                "sha256:7ff72b3cc9242d1a1c9b84bd945907bf174d74fc2519efe6184d6390a8df478b",
-                "sha256:8679f9aba5ac22e7bce54ccd8a77641d3aea3e2d96e73e4356c887ebf8ff1082",
-                "sha256:8b9a395122770a6f08ebfd0321546d7379f43505882c7419d7886856a07caa13",
-                "sha256:8e1e5d96b744a4f91163290b01045430f3f32579e46d87282449e5b14d27d4ac",
-                "sha256:9a0195af6b9050c9322a97cf07514f66fe511968e623ca87b2df5e3cf6349615",
-                "sha256:9cb5698c896fa72f88e7ef04ef62572faf56809093180771d9be8d9f2e264a13",
-                "sha256:b3f1d9b3aa09ab9adc7f8c4b40fc3e081eb903054c9a6f9ae1633fe15ae503b4",
-                "sha256:bb42f9b259c33662c6a9b866012f6908a91731a419e69304e1261ba3ab87b8d1",
-                "sha256:bca714d831e5b8860c3ab134c93aec63d1a4f493bed20084f54e3ce9f0a3bf99",
-                "sha256:bedd89c34ab62565d44745212814e4b57ef1c24ad4af9b29c504ce40f0dc6558",
-                "sha256:bfec934aac7f9fa95fc82147a4ba5db0a8bdc4ebf1e33b585ab8860beb10232f",
-                "sha256:c7046f7aa2db445daccc8424f50b47a66c4039c9f058246b43796aa818f8b751",
-                "sha256:d7e483f4791fbda60e23926b098702340504f7684ce7e1fd2c1bf02029288423",
-                "sha256:dd93162615870c976dba43963a24bb418b28448fef584f30755990c134a06a55",
-                "sha256:e4607d2d16330757818c9d6fba322c2e80b4b112ff24295d1343a80b876eb0ed",
-                "sha256:e9a680d9665f88346ed339888781f5236347933906c5a56348abb8261282ec48",
-                "sha256:edfcf93fd92e2f9eef640b3a7a40db20fe3c1d7c2c74faa41424c63dead61b76",
-                "sha256:f7e4a3c0c3c596296b37f8427c467c8e4336dc8d50f8ed38042e8ba79507b2c9",
-                "sha256:fff677fa4522dafb5a5e2c0cf909790d5d367326321aeabc0dffc9047cb235bd"
+                "sha256:045d6a26c262929af0b9cb25441aae675ac04db4ea8bd2446b355617cd6b6b7d",
+                "sha256:07f4dab2deb6d34618a2ccfff3971a85923ad7c3a9a45401818870fc51d3f0cc",
+                "sha256:08aaad905aba8940f27aeb9f1f851bf63f18ef97b0062ca41f64afc4b64e0e8c",
+                "sha256:27a42894a2751e438eaed12fc0dcfe741ff2f66c14760d081222c5adc5460064",
+                "sha256:2a3e4dc7c452ba3c0f3175ad5a8e0ba49c2b0570a8d07272cf50844c8d78e74f",
+                "sha256:345306707bb0e51e7cd6e7573adafbce018894ee5e3b9c31134545f704936db0",
+                "sha256:36f08d94670315ca04c8139bd80b3e02b9dd9cc66fc11bcb96fd10ad51a051ab",
+                "sha256:3ebb97ed96f4506e2f212e1fcf0ec07a103bb194938627660a5acb4d9feae49c",
+                "sha256:40b995d7aeeb6f88a1927ce6692c0f626b59d8effd3e1d597f125e141707b37c",
+                "sha256:4414ace6e3a5e39523e55a5d9f3b215699b2ead4ff91fca98f1b659b7ab2d92a",
+                "sha256:50107d8183da3fbe5715957aa3954cd9d82aed555c5b4d3fd37fac861af422fa",
+                "sha256:50174e173d03209c34e07e7b57cca48d0082ac2390edf927aafc706c111da11e",
+                "sha256:5e88912bf192e7b5739c446d2276e1cba74cfa6c1c93eea2b2534404f6be1dbd",
+                "sha256:621d3f6c0ba2407bb97e82b649be5ca7d5b6c201dcfb964ce13f517bf1cb6305",
+                "sha256:623bac2d6bdca3f3e61cf1e1c466c5fb9f5cf08735736ee1111187b7a4108891",
+                "sha256:671f61c3db4595b0e86cc4b30f675a7c0206d9ce99f041b4f6761c7ddd1e0074",
+                "sha256:67c1c27c48875afc950bee5ee24582794f20b545e64e4f9ca94071a9b514d6ed",
+                "sha256:6a6cfd468f54d65324fd3847cfd0148b0610efa6a43e5f5fcc89f455696ae9e7",
+                "sha256:70048a83f0a1ece1fcd7189891c888e20af2c57fbd33eb760d8cece9843b896c",
+                "sha256:7ee14a7f9f76d1ef9d5e5b760c9252617c839b87eee04d1ce8325ac66ae155c4",
+                "sha256:804cf491437f3e4ce31247ab4b309b181f06ecc97d309b746d10f09439b4eb85",
+                "sha256:878c7beaafa365602762c19f638282e1885454fed1aed86f8fae038933c7c671",
+                "sha256:954ea8c527c4322afb6885944904714893af81fe9167e421273770991bf08a4a",
+                "sha256:a47bf6b7ca6c28e4f4e262fabcf5be6b907af81be36de77839c9eeda2cdf3bb3",
+                "sha256:a4fb5c6ee84a6bba4ff6f9f5379f0b3a0ffe9de7ba5a0945659b3da8d519709b",
+                "sha256:b34bbc683789559f1bc9bb685fc162e0956dbbdfbe2fbd6755a9f5982c113610",
+                "sha256:c025d45318b73c0601cca451532556cbab532b2742839ebb8cb58f9ebf06811e",
+                "sha256:c3ad7f5b61ba014f5045912aea15b03c473bb02b1c07fd92c9d2c794fa183276",
+                "sha256:c9218e3519398129e364121e0d89823e6ba2a2b77c28bfc661face0829c41433",
+                "sha256:cd5cffd1dd753828f1069f33062f3896e51c990acd957c264f40e051b3e19887",
+                "sha256:d8efcaa709ea8e7c08c3d3e7639c39b36083f5a995f397f9e6eedf5f5e4e4946",
+                "sha256:e297a5cc625e3f1367a82deedf2d48ee4d2b2bd263b8b8d2efbaaf5608b5229e",
+                "sha256:e67278ceb63270cdac0a7b89fc3c29a56f7dac9616a7ee48e7ad6b52e3b631e5",
+                "sha256:eb6558ba07409dafa18c793c34292b3265be455904966f0724c10198829477e3",
+                "sha256:f197c66663ed0f9e1178d51141d864688fb244a83f6b17f667d521e482537b2e",
+                "sha256:f47996b1810894f766c9ee689607077c6c0e0fd6761e04c12ba13efb56d50c1d"
             ],
             "index": "pypi",
-            "version": "==1.4.32"
+            "version": "==1.4.34"
         },
         "werkzeug": {
             "hashes": [
-                "sha256:1421ebfc7648a39a5c58c601b154165d05cf47a3cd0ccb70857cbdacf6c8f2b8",
-                "sha256:b863f8ff057c522164b6067c9e28b041161b4be5ba4d0daceeaa50a163822d3c"
+                "sha256:3389bbfe6d40c6dd25e6d3f974155163c8b3de5bbda6a89342d4ab93fae80ba0",
+                "sha256:64c02f6495ba01eddd6625b3675f357cd358a73f1e38458a56ad86c5baa30b53"
             ],
             "index": "pypi",
-            "version": "==2.0.3"
+            "version": "==2.0.0"
+        },
+        "zipp": {
+            "hashes": [
+                "sha256:56bf8aadb83c24db6c4b577e13de374ccfb67da2078beba1d037c17980bf43ad",
+                "sha256:c4f6e5bbf48e74f7a38e7cc5b0480ff42b0ae5178957d564d18932525d5cf099"
+            ],
+            "markers": "python_version >= '3.7'",
+            "version": "==3.8.0"
         }
     }
 }

app/__init__.py

@@ -32,10 +32,11 @@ def create_app():
     def load_user(id):
         return User.query.get(int(id)) # by default get() looks for the primary key
 
+
     return app
 
 
 def create_database(app):
     if not path.exists('app/' + DB_NAME):
         db.create_all(app=app)
-        print('Created Database!')
+        print('Created Database!')

app/logic.py

@@ -1,38 +1,84 @@
 # Site Back-End Logic
 from hmac import new
-from flask import Blueprint, render_template, request, flash, redirect, url_for
+from flask import Blueprint, render_template, request, flash, redirect, url_for, make_response
 from flask_login import login_user, login_required, logout_user, current_user
 from werkzeug.security import generate_password_hash, check_password_hash
 from .models import User, Message
 from . import db
 import string, secrets
 
+from flask_wtf import FlaskForm
+from wtforms import StringField, SubmitField, PasswordField, FileField, IntegerField, RadioField, TextAreaField
+from wtforms.validators import DataRequired
+
 logic = Blueprint('logic', __name__)
 
+# WTForm Classes
+class DescForm(FlaskForm):
+    # declare form field, required input, placeholder and validate data
+    description = TextAreaField(validators=[DataRequired()])
+    submit = SubmitField('Update your Description')
+
+class PasswdForm(FlaskForm):
+    passwd_1 = PasswordField('Edit Password', validators=[DataRequired()])
+    passwd_2 = PasswordField('Confirm Password', validators=[DataRequired()])
+    submit = SubmitField('Update Password')
+
+class MsgForm(FlaskForm):
+    msg = TextAreaField(validators=[DataRequired()])
+    submit = SubmitField('Send')
+
+class LoginForm(FlaskForm):
+    email = StringField(validators=[DataRequired()])
+    passwd = PasswordField(validators=[DataRequired()])
+    submit = SubmitField('Login')
+
+class RegForm(FlaskForm):
+    email = StringField(validators=[DataRequired()])
+    passwd_1 = PasswordField(validators=[DataRequired()])
+    passwd_2 = PasswordField(validators=[DataRequired()])
+    firstname = StringField(validators=[DataRequired()])
+    lastname = StringField(validators=[DataRequired()])
+    age = IntegerField(validators=[DataRequired()])
+    gender = RadioField('Gender', choices=[('M', 'Male'),('F', 'Female')], validators=[DataRequired()])
+    submit = SubmitField('Register')
+
+
+
 @logic.route('/', methods=['GET', 'POST'])
 @login_required
 def profile():
-    if request.method == "POST":
-        new_desc = request.form.get('description_area')
-        passwd_1 = request.form.get('passwd_1')
-        passwd_2 = request.form.get('passwd_2')
-        new_pic = request.files.get('profilepic_upload')
 
+    form_1 = DescForm()
+    form_2 = PasswdForm()
 
-        if new_desc:
-            new_desc_dbcall = User.query.filter_by(id=current_user.id).first()
-            new_desc_dbcall.description = new_desc
+    # WTForm Validation Checks
+    if form_1.validate_on_submit():
+        new_desc = form_1.description.data
+        form_1.description.data = ''
+        new_desc_dbcall = User.query.filter_by(id=current_user.id).first()
+        new_desc_dbcall.description = new_desc
+        db.session.commit()
+        flash('Hooray! A new description!', category='success')
+
+    elif form_2.validate_on_submit():
+        passwd_1 = form_2.passwd_1.data
+        passwd_2 = form_2.passwd_2.data
+        form_2.passwd_1.data = ''
+        form_2.passwd_2.data = ''
+        if passwd_1 == passwd_2:
+            new_passwd_dbcall = User.query.filter_by(id=current_user.id).first()
+            new_passwd_dbcall.password = generate_password_hash(passwd_2, method='sha256')
             db.session.commit()
-            flash('Hooray! A new description!', category='success')
-        elif passwd_1 and passwd_2:
-            if passwd_1 == passwd_2:
-                new_passwd_dbcall = User.query.filter_by(id=current_user.id).first()
-                new_passwd_dbcall.password = generate_password_hash(passwd_2, method='sha256')
-                db.session.commit()
-                flash('Nice! Updated your password!', category='success')
-            else:
-                flash('Oh no! Your passwords must match!', category='error')
-        elif new_pic:
+            flash('Nice! Updated your password!', category='success')
+        else:
+            flash('Oh no! Your passwords must match!', category='error')
+
+    # DB Insertions
+    if request.method == "POST":
+        new_pic = request.files.get('profilepic_upload')
+
+        if new_pic:
             # generate random filename for uploaded file 
             alphanumeric = string.ascii_letters + string.digits
             ralphanum = ''.join(secrets.choice(alphanumeric) for i in range(16))
@@ -45,10 +91,11 @@ def profile():
                 new_pic_dbcall.profile_image = f'{ralphanum}.jpeg'
             db.session.commit()
 
+    response = make_response(render_template("profile.html", user = current_user, form1 = form_1, form2= form_2))
+    response.headers['Content-Security-Policy'] = "default-src 'self'"
+    return response
 
 
-    return render_template("profile.html", user=current_user)
-
 @logic.route('/matchbook', methods=['GET', 'POST'])
 @login_required
 def matchbook():
@@ -59,9 +106,13 @@ def matchbook():
         fdbcall = User.query.filter_by(id=current_user.id).first()
         fdbcall.focus = recipient_id
         db.session.commit()
-        return redirect(url_for('logic.messaging'))
+        response = make_response(redirect(url_for('logic.messaging')))
+        response.headers['Content-Security-Policy'] = "default-src 'self'"
+        return response
 
-    return render_template("matchbook.html", user=current_user, userlist=all_users)
+    response = make_response(render_template("matchbook.html", user=current_user, userlist=all_users))
+    response.headers['Content-Security-Policy'] = "default-src 'self'"
+    return response
 
 @logic.route('/messaging', methods=['GET', 'POST'])
 @login_required
@@ -73,21 +124,43 @@ def messaging():
     recv_history = Message.query.filter_by(sender=recipient.id, recipient=current_user.id).all()
     joint_history = sent_history + recv_history
     joint_history.sort(key=lambda x: x.id) # add reverse=True for descending
-    ## add filter to remove duplicate messages to self?
-    if request.method == 'POST':
-        message = request.form.get('message_box')
+
+    form = MsgForm()
+
+    if form.validate_on_submit():
+        message = form.msg.data
+        form.msg.data = ''
+
         new_msg_dbcall = Message(sender=current_user.id, recipient=recipient.id, message=message)
         db.session.add(new_msg_dbcall)
         db.session.commit()
-        return redirect(url_for('logic.messaging'))
-    return render_template("messaging.html", user=current_user, recipient=recipient, msg_hist=joint_history)
+
+        response = make_response(redirect(url_for('logic.messaging')))
+        response.headers['Content-Security-Policy'] = "default-src 'self'"
+        return response
+
+    response = make_response(render_template(
+        "messaging.html",
+        user = current_user,
+        recipient = recipient,
+        msg_hist = joint_history,
+        form = form
+        ))
+    response.headers['Content-Security-Policy'] = "default-src 'self'"
+    return response
+
+
 
 
 @logic.route('/login', methods=['GET', 'POST'])
 def login():
-    if request.method == 'POST':
-        email = request.form.get('email')
-        challenge_passwd = request.form.get('passwd_login')
+    form = LoginForm()
+
+    if form.validate_on_submit():
+        email = form.email.data
+        form.email.data = ''
+        challenge_passwd = form.passwd.data
+        form.passwd.data = ''
 
         user = User.query.filter_by(email=email).first()
         if user:
@@ -99,27 +172,38 @@ def login():
                 flash('Unsucessful Login!', category='error')
         else:
             flash('Unsucessful Login!', category='error')
+
     
-    return render_template("login.html", user=current_user)
+    return render_template(
+            "login.html",
+            user = current_user,
+            form = form
+            )
+
 
 @logic.route('/logout')
 @login_required
 def logout():
     logout_user()
-    return redirect(url_for('logic.login'))
+    response = make_response(redirect(url_for('logic.login')))
+    response.headers['Content-Security-Policy'] = "default-src 'self'"
+    return response
 
 # Signup Route
 @logic.route('/register', methods=['GET', 'POST'])
 def register():
     pass_list = list()
-    if request.method == 'POST':
-        email = request.form.get('email') 
-        firstname = request.form.get('firstname')
-        lastname = request.form.get('lastname')
-        age = request.form.get('age')
-        gender = request.form.get('gender')
-        passwd_1 = request.form.get('passwd_1')
-        passwd_2 = request.form.get('passwd_2')
+
+    form = RegForm()
+
+    if form.validate_on_submit():
+        email = form.email.data
+        firstname = form.firstname.data
+        lastname = form.lastname.data
+        age = form.age.data
+        gender = form.gender.data
+        passwd_1 = form.passwd_1.data
+        passwd_2 = form.passwd_2.data
 
         # Basic User Input Checks
         email_check = User.query.filter_by(email=email).first()
@@ -156,7 +240,11 @@ def register():
                     db.session.add(new_user)
                     db.session.commit()
                     flash('Account Registration Successful!', category='success')
-                    return redirect(url_for('logic.profile'))
+                    response = make_response(redirect(url_for('logic.profile')))
+                    response.headers['Content-Security-Policy'] = "default-src 'self'"
+                    return response
                 else:
                     flash('Registration Failed', category='error')
-    return render_template("register.html", user=current_user)
+    
+    return render_template("register.html", user = current_user, form = form)
+

app/static/css/custom.css

@@ -69,6 +69,7 @@ img {
 /* Input */
 input {
     max-width: 200px;
+    padding: 8px;
 }
 .btn {
     background-color: #ff3333;
@@ -118,4 +119,4 @@ input {
     display: inline; /* removes element's newline*/
     z-index: 3;
     position: relative;
-}
+}

app/templates/base.html

@@ -5,20 +5,17 @@
         <meta name="viewport" content="width=device-width, initial-scale=1">
         <link
             rel="stylesheet"
-            href="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css"
-            integrity="sha384-Vkoo8x4CGsO3+Hhxv8T/Q5PaXtkKtu6ug5TOeNV6gBiFeWPGFN9MuhOf23Q9Ifjh"
-            crossorigin="anonymous"
+            href="static/css/bootstrap.min.css"
         />
         <link
             rel="stylesheet"
-            href="https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css"
-            crossorigin="anonymous"
+            href="static/css/font-awesome.min.css"
         />
         <link
             rel="stylesheet"
             href="static/css/custom.css"
         />
-        <link rel = "icon" href ="static/icons/balloon-heart.svg" type = "image/x-icon" class="brand-icon">
+        <link rel="icon" href="static/icons/balloon-heart.svg" type="image/x-icon" class="brand-icon">
         <title>{% block title %}Matcsh.{% endblock %}</title>
     </head>
 
@@ -71,19 +68,13 @@
 
 
         <script
-            src="https://code.jquery.com/jquery-3.2.1.slim.min.js"
-            integrity="sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN"
-            crossorigin="anonymous">
+            src="static/js/jquery-3.2.1.slim.min.js"
         </script>
         <script
-            src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js"
-            integrity="sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q"
-            crossorigin="anonymous">
+            src="static/js/popper.min.js"
         </script>
         <script
-            src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js"
-            integrity="sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl"
-            crossorigin="anonymous">
+            src="static/js/bootstrap.min.js"
         </script>
     </body>
 </html>

app/templates/login.html

@@ -3,26 +3,18 @@
 {% block content %}
 <h1>Login Here!</h1>
 <form method="POST">
-<div class="form-group">
-    <label for="email"></label>
-    <input 
-        type="email" 
-        class="form-control" 
-        id="email"
-        name="email"
-        placeholder="Insert Email"
-    />
-    <label for="passwd_login"></label>
-    <input 
-        type="password" 
-        class="form-control" 
-        id="passwd_login"
-        name="passwd_login"
-        placeholder="Enter Password"
-    />
+<div class="container">
+    {{ form.hidden_tag() }}
+
+    <div class="row">
+    {{ form.email(placeholder="Email") }}
+    </div>
+    <br />
+    <div class="row">
+    {{ form.passwd(placeholder="Password") }}
+    </div>
     <br />
-    <button type="submit" class="btn btn-primary">Login</button>
+    {{ form.submit(class="btn btn-primary") }}
 </div>
-
 </form>
-{% endblock %}
+{% endblock %}

app/templates/messaging.html

@@ -31,8 +31,12 @@
     </div>
 
     <form method="POST">
-        <textarea name="message_box" id="message_box" cols="50" rows="3" style="resize:none;" placeholder="Type your message here..."></textarea>
-        <button type="submit" class="btn btn-primary">Send</button>
+        {{ form.hidden_tag() }}
+
+        {{ form.msg(placeholder="Write you message here!", cols="50", rows="4") }}
+        {{ form.submit(class="btn btn-primary")}}
+        <!--
+        -->
     </form>
 </div>
 {% endblock %}

app/templates/profile.html

@@ -16,27 +16,26 @@
 <p>{{ user.lastname }}</p>
 <p>{{ user.gender }} , {{ user.age }}</p>
 <form method="POST">
-    <textarea id="description_area" name="description_area" placeholder="{{ user.description }}" style="resize:none;" rows="3" cols="40"></textarea>
-    <button type="submit" class="btn btn-primary updesc">Update Description</button>
+    {{ form1.hidden_tag() }}
+
+    {{ form1.description(placeholder=user.description, cols="45", rows="4") }}
+    <br />
+    {{ form1.submit(class="btn btn-primary updesc") }}
 </form>
+<br />
 <form method="POST">
-    <label for="passwd_1"></label>
-    <input 
-        type="password" 
-        class="form-control center-elem" 
-        id="passwd_1"
-        name="passwd_1"
-        placeholder="Edit Password"
-    />
-    <label for="passwd_2"></label>
-    <input 
-        type="password" 
-        class="form-control center-elem" 
-        id="passwd_2"
-        name="passwd_2"
-        placeholder="Confirm Password"
-    />
-    <button type="submit" class="btn btn-primary upswd">Update Password</button>
+    <div class="container">
+    {{ form2.hidden_tag() }}
+
+    <div class="row">
+    {{ form2.passwd_1(placeholder="Edit Password", class="description_area upswd") }}
+    </div>
+    <br />
+    <div class="row">
+    {{ form2.passwd_2(placeholder="Confirm Password", class="description_area upswd") }}
+    </div>
+    <br />
+    {{ form2.submit(class="btn btn-primary upswd") }}
 </form>
 {% endblock %}
-</div>
+</div>

app/templates/register.html

@@ -3,75 +3,43 @@
 {% block content %}
 <h1> Register Here! </h1>
 <form method="POST">
-    <div class="form-group">
-        <label for="email"></label>
-        <input 
-            type="email" 
-            class="form-control" 
-            id="email"
-            name="email"
-            placeholder="Insert Email"
-        />
-        <label for="passwd_1"></label>
-        <input 
-            type="password" 
-            class="form-control" 
-            id="passwd_1"
-            name="passwd_1"
-            placeholder="Enter Password"
-        />
-        <label for="passwd_2"></label>
-        <input 
-            type="password" 
-            class="form-control" 
-            id="passwd_2"
-            name="passwd_2"
-            placeholder="Confirm Password"
-        />
-        <label for="firstname"></label>
-        <input 
-            type="text" 
-            class="form-control" 
-            id="firstname"
-            name="firstname"
-            placeholder="Insert First Name"
-        />
-        <label for="lasstname"></label>
-        <input 
-            type="text" 
-            class="form-control" 
-            id="lasstname"
-            name="lastname"
-            placeholder="Insert Last Name"
-        />
-        <label for="age"></label>
-        <input 
-            type="number" 
-            class="form-control" 
-            id="age"
-            name="age"
-            min="18"
-            max="110"
-            placeholder="Insert Your Age"
-        />
-        <label for="genderm" class="padding-top">Male</label>
-        <input 
-            type="radio" 
-            class="form-control" 
-            id="genderm"
-            name="gender"
-            value="M"
-        />
-        <label for="genderf" style="display: inline;">Female</label>
-        <input 
-            type="radio" 
-            class="form-control" 
-            id="genderf"
-            name="gender"
-            value="F"
-        />
+    <div class="container">
+        {{ form.hidden_tag() }}
+
+        <div class="row">
+        {{ form.email(placeholder="Email") }}
+        </div>
+        <br />
+        <div class="row">
+        {{ form.passwd_1(placeholder="Password") }}
+        </div>
+        <br />
+        <div class="row">
+        {{ form.passwd_2(placeholder="Confirm Password") }}
+        </div>
+        <br />
+        <div class="row">
+        {{ form.firstname(placeholder="First Name") }}
+        </div>
+        <br />
+        <div class="row">
+        {{ form.lastname(placeholder="Last Name") }}
+        </div>
+        <br />
+        <div class="row">
+        {{ form.age(placeholder="Age", min="18", max="99") }}
+        </div>
+        <br />
+        {% for subfield in form.gender %}
+                <div class="row">
+                    <p>{{ subfield.label }}</p>
+                    {{ subfield }}
+                </div>
+        {% endfor %}
+        <br />
+
+        {{ form.submit(class="btn btn-primary") }}
     </div>
-    <br />
-    <button type="submit" class="btn btn-primary">Submit</button>
+
 </form>
-{% endblock %}
+{% endblock %}