mirror of
https://github.com/django/django.git
synced 2024-12-24 18:16:19 +00:00
Fixed #335 -- Admin login form now checks that cookies are enabled.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@529 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
parent
8acb6c836b
commit
b1d9682a38
@ -48,6 +48,11 @@ class AdminUserRequired:
|
||||
message = ""
|
||||
return self.display_login_form(request, message)
|
||||
|
||||
# Check that the user accepts cookies.
|
||||
if not request.session.test_cookie_worked():
|
||||
message = "Looks like your browser isn't configured to accept cookies. Please enable cookies, reload this page, and try again."
|
||||
return self.display_login_form(request, message)
|
||||
|
||||
# Check the password
|
||||
username = request.POST.get('username', '')
|
||||
try:
|
||||
@ -81,6 +86,7 @@ class AdminUserRequired:
|
||||
return self.display_login_form(request, ERROR_MESSAGE)
|
||||
|
||||
def display_login_form(self, request, error_message=''):
|
||||
request.session.set_test_cookie()
|
||||
if request.POST and request.POST.has_key('post_data'):
|
||||
# User has failed login BUT has previously saved 'post_data'
|
||||
post_data = request.POST['post_data']
|
||||
|
Loading…
Reference in New Issue
Block a user