[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [taler-bank] 03/06: Add manual authentication before loggin
From: |
gnunet |
Subject: |
[GNUnet-SVN] [taler-bank] 03/06: Add manual authentication before logging a user in. Just calling login() without authenticating the user before, returns 200 even for wrong login attempts. |
Date: |
Mon, 29 May 2017 11:25:18 +0200 |
This is an automated email from the git hooks/post-receive script.
marcello pushed a commit to branch master
in repository bank.
commit 40dbd51e22ec5127ea5eba60eebf1d42d0437810
Author: Marcello Stanisci <address@hidden>
AuthorDate: Tue May 23 22:14:37 2017 +0200
Add manual authentication before logging a user in.
Just calling login() without authenticating the user before,
returns 200 even for wrong login attempts.
---
talerbank/app/views.py | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/talerbank/app/views.py b/talerbank/app/views.py
index b0d8974..77decc8 100644
--- a/talerbank/app/views.py
+++ b/talerbank/app/views.py
@@ -64,6 +64,15 @@ def javascript_licensing(request):
def login_view(request):
just_logged_out = get_session_flag(request, "just_logged_out")
+ if "POST" == request.method:
+ login_form = MyAuthenticationForm(request.POST)
+ if login_form.is_valid():
+ username = login_form.cleaned_data["username"]
+ password = login_form.cleaned_data["password"]
+ logger.info("u:%s, p:%s" % (username, password))
+ else:
+ logger.error("Bad form gotten in POST")
+ return HttpResponseBadRequest("Bad form POSTed")
response = django.contrib.auth.views.login(
request,
authentication_form=MyAuthenticationForm,
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [taler-bank] branch master updated (9430850 -> 05d86a1), gnunet, 2017/05/29
- [GNUnet-SVN] [taler-bank] 06/06: commenting out faults-injected tests, gnunet, 2017/05/29
- [GNUnet-SVN] [taler-bank] 03/06: Add manual authentication before logging a user in. Just calling login() without authenticating the user before, returns 200 even for wrong login attempts.,
gnunet <=
- [GNUnet-SVN] [taler-bank] 05/06: removing unneeded comments, gnunet, 2017/05/29
- [GNUnet-SVN] [taler-bank] 04/06: testing operations with wrong currencies, gnunet, 2017/05/29
- [GNUnet-SVN] [taler-bank] 01/06: addressing #5013, gnunet, 2017/05/29
- [GNUnet-SVN] [taler-bank] 02/06: first tests under erroneous circumstances, gnunet, 2017/05/29