Only check for valid username/password if username and password POST fields are posted.
This commit is contained in:
parent
868a06ea3f
commit
216f38db14
@ -18,6 +18,9 @@ Fixed
|
|||||||
* Really pick the last version on Pypi for new version checking.
|
* Really pick the last version on Pypi for new version checking.
|
||||||
We were only sorting version string lexicographically and it would have break when
|
We were only sorting version string lexicographically and it would have break when
|
||||||
we reach version 0.10.N or 0.N.10
|
we reach version 0.10.N or 0.N.10
|
||||||
|
* Only check for valid username/password if username and password POST fields are posted.
|
||||||
|
This fix a bug where posting without it raise a exception are None where passed for
|
||||||
|
username/password verification.
|
||||||
|
|
||||||
|
|
||||||
v0.7.2 - 2016-08-31
|
v0.7.2 - 2016-08-31
|
||||||
|
@ -122,8 +122,9 @@ class UserCredential(BaseLogin):
|
|||||||
:rtype: dict
|
:rtype: dict
|
||||||
"""
|
"""
|
||||||
cleaned_data = super(UserCredential, self).clean()
|
cleaned_data = super(UserCredential, self).clean()
|
||||||
auth = utils.import_attr(settings.CAS_AUTH_CLASS)(cleaned_data.get("username"))
|
if "username" in cleaned_data and "password" in cleaned_data:
|
||||||
if auth.test_password(cleaned_data.get("password")):
|
auth = utils.import_attr(settings.CAS_AUTH_CLASS)(cleaned_data["username"])
|
||||||
|
if auth.test_password(cleaned_data["password"]):
|
||||||
cleaned_data["username"] = auth.username
|
cleaned_data["username"] = auth.username
|
||||||
else:
|
else:
|
||||||
raise forms.ValidationError(
|
raise forms.ValidationError(
|
||||||
|
Loading…
Reference in New Issue
Block a user