From 8b64762f71f9a558985f4c90a820969ee6fb5ca0 Mon Sep 17 00:00:00 2001
From: "A.Avenel" <avenel.alexandre@gmail.com>
Date: Sun, 23 Jun 2013 17:37:58 +0200
Subject: [PATCH 1/2] Bugfix : error when you access /authenticate url without
 a project identifier

---
 budget/web.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/budget/web.py b/budget/web.py
index 0b302cd..44105ca 100644
--- a/budget/web.py
+++ b/budget/web.py
@@ -72,7 +72,12 @@ def authenticate(project_id=None):
     if not form.id.data and request.args.get('project_id'):
         form.id.data = request.args['project_id']
     project_id = form.id.data
-    project = Project.query.get(project_id)
+    project = False
+    if project_id:
+        project = Project.query.get(project_id)
+    else:
+        msg = _("You need to enter a project identifier")
+        form.errors["id"] = [msg]
     create_project = False  # We don't want to create the project by default
     if not project:
         # But if the user try to connect to an unexisting project, we will

From 74e6f9f11db2fa460f2b6f3a8c7863bd46f90fd0 Mon Sep 17 00:00:00 2001
From: "A.Avenel" <avenel.alexandre@gmail.com>
Date: Sat, 12 Oct 2013 16:56:25 +0200
Subject: [PATCH 2/2] Add unit-test for bug #105. Small code refactoring for
 better readability

---
 budget/tests.py |  5 +++++
 budget/web.py   | 10 ++++++----
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/budget/tests.py b/budget/tests.py
index 9eea518..0f7c2a2 100644
--- a/budget/tests.py
+++ b/budget/tests.py
@@ -289,6 +289,11 @@ class BudgetTestCase(TestCase):
         self.assertTrue(models.Project.query.get("demo") is not None)
 
     def test_authentication(self):
+	# try to authenticate without credentials should redirect
+	# to the authentication page
+	resp = self.app.post("/authenticate")
+	self.assertIn("Authentication", resp.data)
+
         # raclette that the login / logout process works
         self.create_project("raclette")
 
diff --git a/budget/web.py b/budget/web.py
index 44105ca..77de026 100644
--- a/budget/web.py
+++ b/budget/web.py
@@ -72,12 +72,14 @@ def authenticate(project_id=None):
     if not form.id.data and request.args.get('project_id'):
         form.id.data = request.args['project_id']
     project_id = form.id.data
-    project = False
-    if project_id:
-        project = Project.query.get(project_id)
-    else:
+    if project_id is None:
+        #User doesn't provide project identifier, return to authenticate form
         msg = _("You need to enter a project identifier")
         form.errors["id"] = [msg]
+        return render_template("authenticate.html", form=form)
+    else:
+        project = Project.query.get(project_id)
+
     create_project = False  # We don't want to create the project by default
     if not project:
         # But if the user try to connect to an unexisting project, we will