##// END OF EJS Templates
password-reset: improved error reporting for captch and empty email
marcink -
r1474:1307b88c default
parent child Browse files
Show More
@@ -321,6 +321,7 b' class LoginView(object):'
321 321 error_dict = {'recaptcha_field': _msg}
322 322 raise formencode.Invalid(
323 323 _msg, _value, None, error_dict=error_dict)
324
324 325 # Generate reset URL and send mail.
325 326 user = User.get_by_email(user_email)
326 327
@@ -346,7 +347,16 b' class LoginView(object):'
346 347 except formencode.Invalid as errors:
347 348 render_ctx.update({
348 349 'defaults': errors.value,
350 'errors': errors.error_dict,
349 351 })
352 if not self.request.params.get('email'):
353 # case of empty email, we want to report that
354 return render_ctx
355
356 if 'recaptcha_field' in errors.error_dict:
357 # case of failed captcha
358 return render_ctx
359
350 360 log.debug('faking response on invalid password reset')
351 361 # make this take 2s, to prevent brute forcing.
352 362 time.sleep(2)
General Comments 0
You need to be logged in to leave comments. Login now