octo/brutaldon
1
0
Fork 0
mirror of https://gitlab.com/brutaldon/brutaldon synced 2025-06-05 21:49:32 +02:00
Code Issues Projects Releases Wiki Activity

Quick fix for a security issue with login form

Browse Source
This commit is contained in:
Jason McBrayer
2018-04-30 20:32:50 -04:00
parent 421d27ef07
commit 8d6ebfc0b2
1 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
brutaldon/views.py
View File

@@ -96,14 +96,19 @@ def login(request):
except (Account.DoesNotExist, Account.MultipleObjectsReturned):
account = Account(
username = username,
access_token = access_token,
access_token = "",
client = client)
try:
access_token = mastodon.log_in(username,
password)
account.access_token = access_token
account.save()
request.session['username'] = username
request.session['username'] = username
return redirect(home)
return redirect(home)
except:
# FIXME: add the errors
return render(request, 'setup/login.html', {'form': form})
else:
return render(request, 'setup/login.html', {'form': form})