Ticket #17216: views.py.patch
| File views.py.patch, 2.2 KB (added by , 13 years ago) |
|---|
-
django/contrib/auth/views.py
old new 30 30 """ 31 31 redirect_to = request.REQUEST.get(redirect_field_name, '') 32 32 33 if request.method == "POST": 34 form = authentication_form(data=request.POST) 35 if form.is_valid(): 36 netloc = urlparse.urlparse(redirect_to)[1] 33 form = authentication_form(request, data=request.POST or None) 37 34 38 # Use default setting if redirect_to is empty 39 if not redirect_to: 40 redirect_to = settings.LOGIN_REDIRECT_URL 41 42 # Security check -- don't allow redirection to a different 43 # host. 44 elif netloc and netloc != request.get_host(): 45 redirect_to = settings.LOGIN_REDIRECT_URL 35 if form.is_valid(): 36 netloc = urlparse.urlparse(redirect_to)[1] 46 37 47 # Okay, security checks complete. Log the user in. 48 auth_login(request, form.get_user()) 38 # Use default setting if redirect_to is empty 39 if not redirect_to: 40 redirect_to = settings.LOGIN_REDIRECT_URL 41 42 # Security check -- don't allow redirection to a different 43 # host. 44 elif netloc and netloc != request.get_host(): 45 redirect_to = settings.LOGIN_REDIRECT_URL 49 46 50 if request.session.test_cookie_worked():51 request.session.delete_test_cookie()47 # Okay, security checks complete. Log the user in. 48 auth_login(request, form.get_user()) 52 49 53 return HttpResponseRedirect(redirect_to) 54 else: 55 form = authentication_form(request) 50 if request.session.test_cookie_worked(): 51 request.session.delete_test_cookie() 52 53 return HttpResponseRedirect(redirect_to) 56 54 57 55 request.session.set_test_cookie() 58 56 … … 68 66 return render_to_response(template_name, context, 69 67 context_instance=RequestContext(request, current_app=current_app)) 70 68 71 72 69 def logout(request, next_page=None, 73 70 template_name='registration/logged_out.html', 74 71 redirect_field_name=REDIRECT_FIELD_NAME,