Changeset 6768


Ignore:
Timestamp:
14 Sep 2011, 12:37:42 (13 years ago)
Author:
uli
Message:

Try to fix problem with input errors on password reset.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • main/waeup.sirp/trunk/src/waeup/sirp/students/authentication.py

    r6756 r6768  
    195195      with credentials set before)
    196196
     197    - no session exists already
     198
     199    - password and repeated password do not match
     200
    197201    Therefore it is mandatory to put this plugin in the line of all
    198202    credentials plugins _before_ other plugins, so that the regular
     
    209213    loginfield = 'student_id'
    210214    passwordfield = 'form.password'
     215    repeatfield = 'form.password_repeat'
    211216
    212217    def extractCredentials(self, request):
     
    215220        login = request.get(self.loginfield, None)
    216221        password = request.get(self.passwordfield, None)
     222        password_repeat = request.get(self.repeatfield, None)
     223
    217224        if not login or not password:
    218225            return None
     226
     227        if password != password_repeat:
     228            # At least protect against erraneous password input
     229            return None
     230
    219231        session = ISession(request)
    220232        sessionData = session.get(
    221233            'zope.pluggableauth.browserplugins')
     234        if not sessionData:
     235            return None
     236
    222237        old_credentials = sessionData.get('credentials', None)
    223238        if old_credentials is None:
Note: See TracChangeset for help on using the changeset viewer.