From 9eab5be9a33e7dab46e7de4692ca788868d816dc Mon Sep 17 00:00:00 2001 From: Alexis Metaireau Date: Sun, 21 Aug 2011 22:35:01 +0200 Subject: RequestRedirect uses a HTTP 301. We need 303. This is mainly because 301 is cacheable whereas 303 (See other) isn't. The redirect response given by the app when trying to connect to a project (via /project_name) while not authenticated was to permanently redirect to /authenticate. Once authenticated, the browser was redirected to the /project_name, that was cached, leading to an endless loop. 303 see other allows to solve this problem. --- budget/web.py | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'budget/web.py') diff --git a/budget/web.py b/budget/web.py index fa3f485..78886d8 100644 --- a/budget/web.py +++ b/budget/web.py @@ -2,12 +2,11 @@ from collections import defaultdict from flask import * from flaskext.mail import Mail, Message -from werkzeug.routing import RequestRedirect # local modules from models import db, Project, Person, Bill from forms import ProjectForm, AuthenticationForm, BillForm, MemberForm, InviteForm -from utils import get_billform_for, requires_auth +from utils import get_billform_for, Redirect303 # create the application, initialize stuff app = Flask(__name__) @@ -40,13 +39,13 @@ def pull_project(endpoint, values): if project_id: project = Project.query.get(project_id) if not project: - raise RequestRedirect(url_for("create_project", project_id=project_id)) + raise Redirect303(url_for("create_project", project_id=project_id)) if project.id in session and session[project.id] == project.password: # add project into kwargs and call the original function g.project = project else: # redirect to authentication page - raise RequestRedirect( + raise Redirect303( url_for("authenticate", project_id=project_id)) @app.route("/authenticate", methods=["GET", "POST"]) -- cgit v1.1