handlers: report errors on signup

[ppanero]

• closes https://github.com/inveniosoftware/invenio-oauthclient/issues/277

The final result with all possible errors triggered:

An ideal and more consistent solution would be similar to the following. However, the problem is that profile is a single field (with three inner ones: username, full_name and affiliations). No way to forward the errors from render_field to the actual field rendering (L46) was found. The local form (coming form invenio-userprofiles) can do that becuase it renders fields explicitly (i.e. not in a for loop) and the are no field with inner fields in the form.

[ppanero]

Status

This PR is blocked because the CSRF token is not getting into the form (and therefore it does not validate, and cant login with contribs). Things tested:

• WTF_CSRF_ENABLED coming form Falsk-WTF
• Passing the meta={'csrf: True'} to the form construction as happens in some examples of Flask-Security
• ...

[slint]

In the end, there was probably some copy-paste issue with the Jinja macro, since the line that renders hidden form fields was removed (leaving an "empty" if statement clause in Jinja). The CSRF field is now properly rendered and validates when the form is submitted.