diff options
| author | Hans Lo <hansshulo@gmail.com> | 2013-03-28 04:13:23 -0400 |
|---|---|---|
| committer | Hans Lo <hansshulo@gmail.com> | 2013-03-28 04:26:33 -0400 |
| commit | 9d140cb8429166bfb2cb8937ad820f906767747b (patch) | |
| tree | 78ec25e828930e8149f9a4b01d120e16759c93f4 | |
| parent | dfa6994d4d81370482d386488bc3b285279f4d8c (diff) | |
| download | mediagoblin-9d140cb8429166bfb2cb8937ad820f906767747b.tar.lz mediagoblin-9d140cb8429166bfb2cb8937ad820f906767747b.tar.xz mediagoblin-9d140cb8429166bfb2cb8937ad820f906767747b.zip | |
Use WTForms data field in auth/views.py
| -rw-r--r-- | mediagoblin/auth/views.py | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py index 99fe0b68..354b48c1 100644 --- a/mediagoblin/auth/views.py +++ b/mediagoblin/auth/views.py @@ -78,7 +78,7 @@ def register(request): user.username = register_form.data['username'] user.email = register_form.data['email'] user.pw_hash = auth_lib.bcrypt_gen_password_hash( - request.form['password']) + register_form.password.data) user.verification_key = unicode(uuid.uuid4()) user.save() @@ -116,7 +116,7 @@ def login(request): if login_form.validate(): user = User.query.filter_by(username=login_form.data['username']).first() - if user and user.check_login(request.form['password']): + if user and user.check_login(login_form.password.data): # set up login in session request.session['user_id'] = unicode(user.id) request.session.save() @@ -241,11 +241,11 @@ def forgot_password(request): # has been sanitized. Store if a user was found by email. We should # not reveal if the operation was successful then as we don't want to # leak if an email address exists in the system. - found_by_email = '@' in request.form['username'] + found_by_email = '@' in fp_form.username.data if found_by_email: user = User.query.filter_by( - email = request.form['username']).first() + email = fp_form.username.data).first() # Don't reveal success in case the lookup happened by email address. success_message=_("If that email address (case sensitive!) is " "registered an email has been sent with instructions " @@ -253,7 +253,7 @@ def forgot_password(request): else: # found by username user = User.query.filter_by( - username = request.form['username']).first() + username = fp_form.username.data).first() if user is None: messages.add_message(request, @@ -317,7 +317,7 @@ def verify_forgot_password(request): if request.method == 'POST' and cp_form.validate(): user.pw_hash = auth_lib.bcrypt_gen_password_hash( - request.form['password']) + cp_form.password.data) user.fp_verification_key = None user.fp_token_expire = None user.save() |