diff options
| author | Alexis Metaireau <alexis@notmyidea.org> | 2011-08-09 19:28:50 +0200 |
|---|---|---|
| committer | Alexis Metaireau <alexis@notmyidea.org> | 2011-08-09 23:49:44 +0200 |
| commit | bdbc6361b9d6f0fef88ae705628f4ca26783bf0b (patch) | |
| tree | 5a41635aa8f84d06c9f2f19db5e61a32ec149428 /budget/web.py | |
| parent | 78914962ed73d33e5291467081010cce2fa2ecfd (diff) | |
| download | ihatemoney-mirror-bdbc6361b9d6f0fef88ae705628f4ca26783bf0b.zip ihatemoney-mirror-bdbc6361b9d6f0fef88ae705628f4ca26783bf0b.tar.gz ihatemoney-mirror-bdbc6361b9d6f0fef88ae705628f4ca26783bf0b.tar.bz2 | |
fixes authentication (#9)
Diffstat (limited to 'budget/web.py')
| -rw-r--r-- | budget/web.py | 37 |
1 files changed, 19 insertions, 18 deletions
diff --git a/budget/web.py b/budget/web.py index 36a198d..3589438 100644 --- a/budget/web.py +++ b/budget/web.py @@ -35,24 +35,25 @@ def authenticate(redirect_url=None): # propose him a link to the creation form. create_project = project_id - # if credentials are already in session, redirect - if project_id in session and project.password == session[project_id]: - return redirect(redirect_url) - - # else process the form - if project and request.method == "POST": - if form.validate(): - if not form.password.data == project.password: - form.errors['password'] = ["The password is not the right one"] - else: - # maintain a list of visited projects - if "projects" not in session: - session["projects"] = [] - # add the project on the top of the list - session["projects"].insert(0, (project_id, project.name)) - session[project_id] = form.password.data - session.update() - return redirect(redirect_url) + else: + # if credentials are already in session, redirect + if project_id in session and project.password == session[project_id]: + return redirect(redirect_url) + + # else process the form + if request.method == "POST": + if form.validate(): + if not form.password.data == project.password: + form.errors['password'] = ["The password is not the right one"] + else: + # maintain a list of visited projects + if "projects" not in session: + session["projects"] = [] + # add the project on the top of the list + session["projects"].insert(0, (project_id, project.name)) + session[project_id] = form.password.data + session.update() + return redirect(redirect_url) return render_template("authenticate.html", form=form, create_project=create_project) |