From 51d7bac88f64ec5b861c46a79208d4d51f5f8adf Mon Sep 17 00:00:00 2001
From: deyk <deyk@crossway.org>
Date: Wed, 18 Jan 2012 14:04:38 -0800
Subject: [PATCH] Removed usage of LoginTicket, as we get this in a much more
 robust form from Django's CSRF middleware.

---
 cas_provider/forms.py | 17 -----------------
 cas_provider/views.py |  1 +
 2 files changed, 1 insertion(+), 17 deletions(-)

diff --git a/cas_provider/forms.py b/cas_provider/forms.py
index 88d2926..8be3b15 100644
--- a/cas_provider/forms.py
+++ b/cas_provider/forms.py
@@ -2,15 +2,10 @@ from django import forms
 from django.contrib.auth.forms import AuthenticationForm
 from django.contrib.auth import authenticate
 
-from models import ServiceTicket, LoginTicket
-from utils import create_login_ticket
-
 
 class LoginForm(forms.Form):
     email = forms.CharField(max_length=255)
     password = forms.CharField(widget=forms.PasswordInput)
-    #warn = forms.BooleanField(required=False)  # TODO: Implement
-    lt = forms.CharField(widget=forms.HiddenInput, initial=create_login_ticket, required=False)
     service = forms.CharField(widget=forms.HiddenInput, required=False)
     remember_me = forms.BooleanField(required=False)
 
@@ -25,18 +20,6 @@ class LoginForm(forms.Form):
         remember = self.cleaned_data['remember_me']
         if not remember and self.request is not None:
             self.request.session.set_expiry(0)
-
-    def clean_lt(self):
-        lt = self.cleaned_data.get('lt',
-                                   self.initial.get('lt', None))
-        if lt is None:
-            lt = self.fields['lt'].initial()
-        try:
-            login_ticket = LoginTicket.objects.get(ticket=lt)
-        except LoginTicket.DoesNotExist:
-            raise forms.ValidationError("Login ticket expired. Please try again.")
-        else:
-            login_ticket.delete()
             
 
 class MergeLoginForm(LoginForm):
diff --git a/cas_provider/views.py b/cas_provider/views.py
index 526a100..dcc0bbd 100644
--- a/cas_provider/views.py
+++ b/cas_provider/views.py
@@ -61,6 +61,7 @@ def login(request, template_name='cas/login.html', success_redirect='/account/',
                     args = urllib.urlencode(args)
 
                     return HttpResponseRedirect('%s?%s' % (base_url, args))
+            
             if user is not None:
                 if user.is_active:
                     auth_login(request, user)
-- 
2.20.1