Ticket #17216: views.py.patch

File views.py.patch, 2.2 KB (added by Zaar Hai <haizaar@…>, 13 years ago)
  • django/contrib/auth/views.py

    old new  
    3030    """
    3131    redirect_to = request.REQUEST.get(redirect_field_name, '')
    3232
    33     if request.method == "POST":
    34         form = authentication_form(data=request.POST)
    35         if form.is_valid():
    36             netloc = urlparse.urlparse(redirect_to)[1]
     33    form = authentication_form(request, data=request.POST or None)
    3734
    38             # Use default setting if redirect_to is empty
    39             if not redirect_to:
    40                 redirect_to = settings.LOGIN_REDIRECT_URL
    41 
    42             # Security check -- don't allow redirection to a different
    43             # host.
    44             elif netloc and netloc != request.get_host():
    45                 redirect_to = settings.LOGIN_REDIRECT_URL
     35    if form.is_valid():
     36        netloc = urlparse.urlparse(redirect_to)[1]
    4637
    47             # Okay, security checks complete. Log the user in.
    48             auth_login(request, form.get_user())
     38        # Use default setting if redirect_to is empty
     39        if not redirect_to:
     40            redirect_to = settings.LOGIN_REDIRECT_URL
     41
     42        # Security check -- don't allow redirection to a different
     43        # host.
     44        elif netloc and netloc != request.get_host():
     45            redirect_to = settings.LOGIN_REDIRECT_URL
    4946
    50             if request.session.test_cookie_worked():
    51                 request.session.delete_test_cookie()
     47        # Okay, security checks complete. Log the user in.
     48        auth_login(request, form.get_user())
    5249
    53             return HttpResponseRedirect(redirect_to)
    54     else:
    55         form = authentication_form(request)
     50        if request.session.test_cookie_worked():
     51            request.session.delete_test_cookie()
     52
     53        return HttpResponseRedirect(redirect_to)
    5654
    5755    request.session.set_test_cookie()
    5856
     
    6866    return render_to_response(template_name, context,
    6967                              context_instance=RequestContext(request, current_app=current_app))
    7068
    71 
    7269def logout(request, next_page=None,
    7370           template_name='registration/logged_out.html',
    7471           redirect_field_name=REDIRECT_FIELD_NAME,
Back to Top