##// END OF EJS Templates
u » pc » rhodecode-enterprise-ce-fork-pc
RSS

Fork of rhodecode-enterprise-ce

login: don't use request.params because it allows to passing multiple...
marcink -
r2149:cae7e0e2 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -161,7 +161,7 b' class LoginView(BaseAppView):'
161 161
162 162 try:
163 163 self.session.invalidate()
164 form_result = login_form.to_python(self.request.params)
164 form_result = login_form.to_python(self.request.POST)
165 165 # form checks for username/password, now we're authenticated
166 166 headers = _store_user_in_session(
167 167 self.session,
@@ -170,7 +170,7 b' class LoginView(BaseAppView):'
170 170 log.debug('Redirecting to "%s" after login.', c.came_from)
171 171
172 172 audit_user = audit_logger.UserWrap(
173 username=self.request.params.get('username'),
173 username=self.request.POST.get('username'),
174 174 ip_addr=self.request.remote_addr)
175 175 action_data = {'user_agent': self.request.user_agent}
176 176 audit_logger.store_web(
@@ -189,7 +189,7 b' class LoginView(BaseAppView):'
189 189 })
190 190
191 191 audit_user = audit_logger.UserWrap(
192 username=self.request.params.get('username'),
192 username=self.request.POST.get('username'),
193 193 ip_addr=self.request.remote_addr)
194 194 action_data = {'user_agent': self.request.user_agent}
195 195 audit_logger.store_web(
@@ -257,13 +257,14 b' class LoginView(BaseAppView):'
257 257
258 258 register_form = RegisterForm()()
259 259 try:
260 form_result = register_form.to_python(self.request.params)
260
261 form_result = register_form.to_python(self.request.POST)
261 262 form_result['active'] = auto_active
262 263
263 264 if captcha.active:
264 265 response = submit(
265 self.request.params.get('recaptcha_challenge_field'),
266 self.request.params.get('recaptcha_response_field'),
266 self.request.POST.get('recaptcha_challenge_field'),
267 self.request.POST.get('recaptcha_response_field'),
267 268 private_key=captcha.private_key,
268 269 remoteip=get_ip_addr(self.request.environ))
269 270 if not response.is_valid:
@@ -326,13 +327,13 b' class LoginView(BaseAppView):'
326 327 password_reset_form = PasswordResetForm()()
327 328 try:
328 329 form_result = password_reset_form.to_python(
329 self.request.params)
330 self.request.POST)
330 331 user_email = form_result['email']
331 332
332 333 if captcha.active:
333 334 response = submit(
334 self.request.params.get('recaptcha_challenge_field'),
335 self.request.params.get('recaptcha_response_field'),
335 self.request.POST.get('recaptcha_challenge_field'),
336 self.request.POST.get('recaptcha_response_field'),
336 337 private_key=captcha.private_key,
337 338 remoteip=get_ip_addr(self.request.environ))
338 339 if not response.is_valid:
@@ -375,7 +376,7 b' class LoginView(BaseAppView):'
375 376 'defaults': errors.value,
376 377 'errors': errors.error_dict,
377 378 })
378 if not self.request.params.get('email'):
379 if not self.request.POST.get('email'):
379 380 # case of empty email, we want to report that
380 381 return render_ctx
381 382
General Comments 0
You need to be logged in to leave comments. Login now