YunoHost-Apps/ihatemoney_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/ihatemoney_ynh.git synced 2024-09-03 19:26:15 +02:00
Code Issues Activity Actions

Put back the old version of authenticate.

Browse source 
(Fred, is there a reason why you're using form.id.validate()? Doesn't seem to be defined in here.

Also properly deletes the session using session.clear rather than session = None.
As session is an observable object, if it is updated to None, the session will *not* be invalided at the end of the request. Instead, you have to call clear() which will clear its members so the cookie will be updated accordingly at the end of the request.
This commit is contained in:
Alexis Metaireau 2011-07-30 01:32:55 +02:00
parent 0fc95cefb4
commit ab305ccbc6
1 changed files with 20 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
budget/web.py
View file

@ -18,28 +18,26 @@ def home():
def authenticate(redirect_url=None): def authenticate(redirect_url=None):
form = AuthenticationForm() form = AuthenticationForm()
if form.id.validate(): project_id = form.id.data
project_id = form.id.data redirect_url = redirect_url or url_for("list_bills", project_id=project_id)
project = Project.query.get(project_id)
if not project:
return redirect(url_for("create_project", project_id=project_id))
redirect_url = redirect_url or url_for("list_bills", project_id=project_id) # if credentials are already in session, redirect
project = Project.query.get(project_id) if project_id in session and project.password == session[project_id]:
if not project: return redirect(redirect_url)
return redirect(url_for("create_project", project_id=project_id))
# if credentials are already in session, redirect # else process the form
if project_id in session and project.password == session[project_id]: if request.method == "POST":
return redirect(redirect_url) if form.validate():
if not form.password.data == project.password:
# else process the form form.errors['password'] = ["The password is not the right one"]
if request.method == "POST": else:
if form.validate(): session[project_id] = form.password.data
if not form.password.data == project.password: session.update()
form.errors['password'] = ["The password is not the right one"] return redirect(redirect_url)
else:
session[project_id] = form.password.data
session.update()
return redirect(redirect_url)
return render_template("authenticate.html", form=form) return render_template("authenticate.html", form=form)
@ -68,8 +66,8 @@ def create_project():
@app.route("/quit") @app.route("/quit")
def quit(): def quit():
# delete the session # delete the session
session = None session.clear()
return redirect( url_for("home") ) return redirect(url_for("home"))
@app.route("/<string:project_id>/invite") @app.route("/<string:project_id>/invite")
@requires_auth @requires_auth