login: don't use request.params because it allows passing multiple...
marcink -
r2149:cae7e0e2 default
@@ -161,7 +161,7 b' class LoginView(BaseAppView):'
161
161
162 try:
162 try:
163 self.session.invalidate()
163 self.session.invalidate()
164 form_result = login_form.to_python(self.request.params)
164 form_result = login_form.to_python(self.request.POST)
165 # form checks for username/password, now we're authenticated
165 # form checks for username/password, now we're authenticated
166 headers = _store_user_in_session(
166 headers = _store_user_in_session(
167 self.session,
167 self.session,
@@ -170,7 +170,7 b' class LoginView(BaseAppView):'
170 log.debug('Redirecting to "%s" after login.', c.came_from)
170 log.debug('Redirecting to "%s" after login.', c.came_from)
171
171
172 audit_user = audit_logger.UserWrap(
172 audit_user = audit_logger.UserWrap(
173 username=self.request.params.get('username'),
173 username=self.request.POST.get('username'),
174 ip_addr=self.request.remote_addr)
174 ip_addr=self.request.remote_addr)
175 action_data = {'user_agent': self.request.user_agent}
175 action_data = {'user_agent': self.request.user_agent}
176 audit_logger.store_web(
176 audit_logger.store_web(
@@ -189,7 +189,7 b' class LoginView(BaseAppView):'
189 })
189 })
190
190
191 audit_user = audit_logger.UserWrap(
191 audit_user = audit_logger.UserWrap(
192 username=self.request.params.get('username'),
192 username=self.request.POST.get('username'),
193 ip_addr=self.request.remote_addr)
193 ip_addr=self.request.remote_addr)
194 action_data = {'user_agent': self.request.user_agent}
194 action_data = {'user_agent': self.request.user_agent}
195 audit_logger.store_web(
195 audit_logger.store_web(
@@ -257,13 +257,14 b' class LoginView(BaseAppView):'
257
257
258 register_form = RegisterForm()()
258 register_form = RegisterForm()()
259 try:
259 try:
260 form_result = register_form.to_python(self.request.params)
260
261 form_result = register_form.to_python(self.request.POST)
261 form_result['active'] = auto_active
262 form_result['active'] = auto_active
262
263
263 if captcha.active:
264 if captcha.active:
264 response = submit(
265 response = submit(
265 self.request.params.get('recaptcha_challenge_field'),
266 self.request.POST.get('recaptcha_challenge_field'),
266 self.request.params.get('recaptcha_response_field'),
267 self.request.POST.get('recaptcha_response_field'),
267 private_key=captcha.private_key,
268 private_key=captcha.private_key,
268 remoteip=get_ip_addr(self.request.environ))
269 remoteip=get_ip_addr(self.request.environ))
269 if not response.is_valid:
270 if not response.is_valid:
@@ -326,13 +327,13 b' class LoginView(BaseAppView):'
326 password_reset_form = PasswordResetForm()()
327 password_reset_form = PasswordResetForm()()
327 try:
328 try:
328 form_result = password_reset_form.to_python(
329 form_result = password_reset_form.to_python(
329 self.request.params)
330 self.request.POST)
330 user_email = form_result['email']
331 user_email = form_result['email']
331
332
332 if captcha.active:
333 if captcha.active:
333 response = submit(
334 response = submit(
334 self.request.params.get('recaptcha_challenge_field'),
335 self.request.POST.get('recaptcha_challenge_field'),
335 self.request.params.get('recaptcha_response_field'),
336 self.request.POST.get('recaptcha_response_field'),
336 private_key=captcha.private_key,
337 private_key=captcha.private_key,
337 remoteip=get_ip_addr(self.request.environ))
338 remoteip=get_ip_addr(self.request.environ))
338 if not response.is_valid:
339 if not response.is_valid:
@@ -375,7 +376,7 b' class LoginView(BaseAppView):'
375 'defaults': errors.value,
376 'defaults': errors.value,
376 'errors': errors.error_dict,
377 'errors': errors.error_dict,
377 })
378 })
378 if not self.request.params.get('email'):
379 if not self.request.POST.get('email'):
379 # case of empty email, we want to report that
380 # case of empty email, we want to report that
380 return render_ctx
381 return render_ctx
381
382
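Review bot: The audit entries at new lines 173 and 192 still take the username from `self.request.POST.get('username')`, which is the raw submitted value and not the one the form validated. POST is still a multi-valued mapping, so a body that repeats `username` could, depending on how `login_form.to_python` picks among duplicates, leave the audit record naming a different account than the one that was authenticated. In the success path (the call after the "Redirecting" debug line), if `form_result` carries the validated name, `username=form_result['username'],` would tie the record to what was actually checked. The call at line 192 appears to sit in the validation-failure branch, where only the raw value exists, so a comment such as `# unvalidated, client-supplied username` would tell whoever consumes the audit trail to treat it as untrusted. The enclosing methods start and end outside these hunks, so the branch assignment is inferred from the visible context lines.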