WTForms Validator NoneOf is not activating properly

Question

I am trying to make a form that kicks back usernames with spaces and commas in WTForms. I tried using the NoneOf validator and it does not activate. Any suggestions? I named username to rusername for deconflicting my page with the login page.

Here is my form for reference.

class RegistrationForm(FlaskForm):
    rusername = StringField(_l('Username'), validators=[DataRequired(), NoneOf([',', ' '], "Invalid value, can't be any of: %(values)s")])
    rpassword = PasswordField(_l('Password'), validators=[DataRequired()])
    rpassword2 = PasswordField(_l('Repeat Password'), validators=[DataRequired(), EqualTo('rpassword')])
    recaptcha = RecaptchaField()
    signupsubmit = SubmitField(_l('Register'))

    def validate_rusername(self, rusername):
        user = User.query.filter_by(username=rusername.data).first()
        if user is not None:
            raise ValidationError(_('Username taken :( Please use a different one.'))

Here is the code from the template. It loads fine and works great, but the NoneOf validation does not run.

{{ registrationForm.rusername(placeholder='Username', rows='1', maxlength='300', class='input form-control') }}

Answer 1

The NoneOf validator checks for exact matches (e.g. bad words as usernames). If you want to do regexp-like validation, you need to use the Regexp() validator.

rusername = StringField(_l('Username'), validators=[
    DataRequired(), 
    Regexp('^[\w-]+$', message='Username can contain only alphanumeric characters (and _, -).'),
])

This allows usernames to contain alphanumeric characters, underscores and dashes. You can add additional special characters as well.