Ticket #8061: temporary-session-key-login.diff

File temporary-session-key-login.diff, 1.8 KB (added by Joost Cassee, 16 years ago)
  • django/contrib/auth/views.py

     
    1717    "Displays the login form and handles the login action."
    1818    redirect_to = request.REQUEST.get(redirect_field_name, '')
    1919    if request.method == "POST":
    20         form = AuthenticationForm(data=request.POST)
     20        form = AuthenticationForm(request, data=request.POST)
    2121        if form.is_valid():
    2222            # Light security check -- make sure redirect_to isn't garbage.
    2323            if not redirect_to or '//' in redirect_to or ' ' in redirect_to:
     
    2525                redirect_to = settings.LOGIN_REDIRECT_URL
    2626            from django.contrib.auth import login
    2727            login(request, form.get_user())
    28             if request.session.test_cookie_worked():
    29                 request.session.delete_test_cookie()
    3028            return HttpResponseRedirect(redirect_to)
    3129    else:
    3230        form = AuthenticationForm(request)
    33     request.session.set_test_cookie()
    3431    if Site._meta.installed:
    3532        current_site = Site.objects.get_current()
    3633    else:
  • django/contrib/auth/forms.py

     
    7373       
    7474        # TODO: determine whether this should move to its own method.
    7575        if self.request:
    76             if not self.request.session.test_cookie_worked():
     76            if not self.request.session.accepts_cookies():
    7777                raise forms.ValidationError(_("Your Web browser doesn't appear to have cookies enabled. Cookies are required for logging in."))
    7878       
    7979        return self.cleaned_data
Back to Top