diff options
| -rw-r--r-- | budget/tests.py | 5 | ||||
| -rw-r--r-- | budget/web.py | 10 |
2 files changed, 11 insertions, 4 deletions
diff --git a/budget/tests.py b/budget/tests.py index 9eea518..0f7c2a2 100644 --- a/budget/tests.py +++ b/budget/tests.py @@ -289,6 +289,11 @@ class BudgetTestCase(TestCase): self.assertTrue(models.Project.query.get("demo") is not None) def test_authentication(self): + # try to authenticate without credentials should redirect + # to the authentication page + resp = self.app.post("/authenticate") + self.assertIn("Authentication", resp.data) + # raclette that the login / logout process works self.create_project("raclette") diff --git a/budget/web.py b/budget/web.py index 44105ca..77de026 100644 --- a/budget/web.py +++ b/budget/web.py @@ -72,12 +72,14 @@ def authenticate(project_id=None): if not form.id.data and request.args.get('project_id'): form.id.data = request.args['project_id'] project_id = form.id.data - project = False - if project_id: - project = Project.query.get(project_id) - else: + if project_id is None: + #User doesn't provide project identifier, return to authenticate form msg = _("You need to enter a project identifier") form.errors["id"] = [msg] + return render_template("authenticate.html", form=form) + else: + project = Project.query.get(project_id) + create_project = False # We don't want to create the project by default if not project: # But if the user try to connect to an unexisting project, we will |