From 51d7bac88f64ec5b861c46a79208d4d51f5f8adf Mon Sep 17 00:00:00 2001 From: deyk Date: Wed, 18 Jan 2012 14:04:38 -0800 Subject: [PATCH 1/1] Removed usage of LoginTicket, as we get this in a much more robust form from Django's CSRF middleware. --- cas_provider/forms.py | 17 ----------------- cas_provider/views.py | 1 + 2 files changed, 1 insertion(+), 17 deletions(-) diff --git a/cas_provider/forms.py b/cas_provider/forms.py index 88d2926..8be3b15 100644 --- a/cas_provider/forms.py +++ b/cas_provider/forms.py @@ -2,15 +2,10 @@ from django import forms from django.contrib.auth.forms import AuthenticationForm from django.contrib.auth import authenticate -from models import ServiceTicket, LoginTicket -from utils import create_login_ticket - class LoginForm(forms.Form): email = forms.CharField(max_length=255) password = forms.CharField(widget=forms.PasswordInput) - #warn = forms.BooleanField(required=False) # TODO: Implement - lt = forms.CharField(widget=forms.HiddenInput, initial=create_login_ticket, required=False) service = forms.CharField(widget=forms.HiddenInput, required=False) remember_me = forms.BooleanField(required=False) @@ -25,18 +20,6 @@ class LoginForm(forms.Form): remember = self.cleaned_data['remember_me'] if not remember and self.request is not None: self.request.session.set_expiry(0) - - def clean_lt(self): - lt = self.cleaned_data.get('lt', - self.initial.get('lt', None)) - if lt is None: - lt = self.fields['lt'].initial() - try: - login_ticket = LoginTicket.objects.get(ticket=lt) - except LoginTicket.DoesNotExist: - raise forms.ValidationError("Login ticket expired. Please try again.") - else: - login_ticket.delete() class MergeLoginForm(LoginForm): diff --git a/cas_provider/views.py b/cas_provider/views.py index 526a100..dcc0bbd 100644 --- a/cas_provider/views.py +++ b/cas_provider/views.py @@ -61,6 +61,7 @@ def login(request, template_name='cas/login.html', success_redirect='/account/', args = urllib.urlencode(args) return HttpResponseRedirect('%s?%s' % (base_url, args)) + if user is not None: if user.is_active: auth_login(request, user) -- 2.20.1