8 files changed, 18 insertions, 37 deletions

diff --git a/mediagoblin/plugins/api/tools.py b/mediagoblin/plugins/api/tools.py
index 92411f4b..d1b3ebb1 100644
--- a/mediagoblin/plugins/api/tools.py
+++ b/mediagoblin/plugins/api/tools.py
@@ -51,30 +51,6 @@ class Auth(object):
     def __call__(self, request, *args, **kw):
         raise NotImplemented()
 
-
-def json_response(serializable, _disable_cors=False, *args, **kw):
-    '''
-    Serializes a json objects and returns a werkzeug Response object with the
-    serialized value as the response body and Content-Type: application/json.
-
-    :param serializable: A json-serializable object
-
-    Any extra arguments and keyword arguments are passed to the
-    Response.__init__ method.
-    '''
-    response = Response(json.dumps(serializable), *args, content_type='application/json', **kw)
-
-    if not _disable_cors:
-        cors_headers = {
-                'Access-Control-Allow-Origin': '*',
-                'Access-Control-Allow-Methods': 'POST, GET, OPTIONS',
-                'Access-Control-Allow-Headers': 'Content-Type, X-Requested-With'}
-        for key, value in cors_headers.iteritems():
-            response.headers.set(key, value)
-
-    return response
-
-
 def get_entry_serializable(entry, urlgen):
     '''
     Returns a serializable dict() of a MediaEntry instance.
diff --git a/mediagoblin/plugins/api/views.py b/mediagoblin/plugins/api/views.py
index 9159fe65..b7e74799 100644
--- a/mediagoblin/plugins/api/views.py
+++ b/mediagoblin/plugins/api/views.py
@@ -21,11 +21,11 @@ from os.path import splitext
 from werkzeug.exceptions import BadRequest, Forbidden
 from werkzeug.wrappers import Response
 
+from mediagoblin.tools.response import json_response
 from mediagoblin.decorators import require_active_login
 from mediagoblin.meddleware.csrf import csrf_exempt
 from mediagoblin.media_types import sniff_media
-from mediagoblin.plugins.api.tools import api_auth, get_entry_serializable, \
-        json_response
+from mediagoblin.plugins.api.tools import api_auth, get_entry_serializable
 from mediagoblin.submit.lib import check_file_field, prepare_queue_task, \
     run_process_media, new_upload_entry
 
diff --git a/mediagoblin/plugins/basic_auth/__init__.py b/mediagoblin/plugins/basic_auth/__init__.py
index c16d8855..33a554b0 100644
--- a/mediagoblin/plugins/basic_auth/__init__.py
+++ b/mediagoblin/plugins/basic_auth/__init__.py
@@ -59,7 +59,10 @@ def gen_password_hash(raw_pass, extra_salt=None):
 
 
 def check_password(raw_pass, stored_hash, extra_salt=None):
-    return auth_tools.bcrypt_check_password(raw_pass, stored_hash, extra_salt)
+    if stored_hash:
+        return auth_tools.bcrypt_check_password(raw_pass,
+                                                stored_hash, extra_salt)
+    return None
 
 
 def auth():
diff --git a/mediagoblin/plugins/basic_auth/forms.py b/mediagoblin/plugins/basic_auth/forms.py
index 72d99dff..6cf01b38 100644
--- a/mediagoblin/plugins/basic_auth/forms.py
+++ b/mediagoblin/plugins/basic_auth/forms.py
@@ -41,3 +41,6 @@ class LoginForm(wtforms.Form):
          normalize_user_or_email_field()])
     password = wtforms.PasswordField(
         _('Password'))
+    stay_logged_in = wtforms.BooleanField(
+        label='',
+        description=_('Stay logged in'))
diff --git a/mediagoblin/plugins/oauth/__init__.py b/mediagoblin/plugins/oauth/__init__.py
index 5762379d..82c1f380 100644
--- a/mediagoblin/plugins/oauth/__init__.py
+++ b/mediagoblin/plugins/oauth/__init__.py
@@ -35,22 +35,22 @@ def setup_plugin():
 
     routes = [
         ('mediagoblin.plugins.oauth.authorize',
-            '/oauth/authorize',
+            '/oauth-2/authorize',
             'mediagoblin.plugins.oauth.views:authorize'),
         ('mediagoblin.plugins.oauth.authorize_client',
-            '/oauth/client/authorize',
+            '/oauth-2/client/authorize',
             'mediagoblin.plugins.oauth.views:authorize_client'),
         ('mediagoblin.plugins.oauth.access_token',
-            '/oauth/access_token',
+            '/oauth-2/access_token',
             'mediagoblin.plugins.oauth.views:access_token'),
         ('mediagoblin.plugins.oauth.list_connections',
-            '/oauth/client/connections',
+            '/oauth-2/client/connections',
             'mediagoblin.plugins.oauth.views:list_connections'),
         ('mediagoblin.plugins.oauth.register_client',
-            '/oauth/client/register',
+            '/oauth-2/client/register',
             'mediagoblin.plugins.oauth.views:register_client'),
         ('mediagoblin.plugins.oauth.list_clients',
-            '/oauth/client/list',
+            '/oauth-2/client/list',
             'mediagoblin.plugins.oauth.views:list_clients')]
 
     pluginapi.register_routes(routes)
diff --git a/mediagoblin/plugins/oauth/tools.py b/mediagoblin/plugins/oauth/tools.py
index 27ff32b4..af0a3305 100644
--- a/mediagoblin/plugins/oauth/tools.py
+++ b/mediagoblin/plugins/oauth/tools.py
@@ -23,7 +23,7 @@ from datetime import datetime
 
 from functools import wraps
 
-from mediagoblin.plugins.api.tools import json_response
+from mediagoblin.tools.response import json_response
 
 
 def require_client_auth(controller):
diff --git a/mediagoblin/plugins/oauth/views.py b/mediagoblin/plugins/oauth/views.py
index d6fd314f..de637d6b 100644
--- a/mediagoblin/plugins/oauth/views.py
+++ b/mediagoblin/plugins/oauth/views.py
@@ -21,7 +21,7 @@ from urllib import urlencode
 
 from werkzeug.exceptions import BadRequest
 
-from mediagoblin.tools.response import render_to_response, redirect
+from mediagoblin.tools.response import render_to_response, redirect, json_response
 from mediagoblin.decorators import require_active_login
 from mediagoblin.messages import add_message, SUCCESS
 from mediagoblin.tools.translate import pass_to_ugettext as _
@@ -31,7 +31,6 @@ from mediagoblin.plugins.oauth.forms import ClientRegistrationForm, \
         AuthorizationForm
 from mediagoblin.plugins.oauth.tools import require_client_auth, \
         create_token
-from mediagoblin.plugins.api.tools import json_response
 
 _log = logging.getLogger(__name__)
 
diff --git a/mediagoblin/plugins/openid/views.py b/mediagoblin/plugins/openid/views.py
index 9566e38e..b639a4cb 100644
--- a/mediagoblin/plugins/openid/views.py
+++ b/mediagoblin/plugins/openid/views.py
@@ -342,7 +342,7 @@ def delete_openid(request):
             form.openid.errors.append(
                 _('That OpenID is not registered to this account.'))
 
-        if not form.errors and not request.session['messages']:
+        if not form.errors and not request.session.get('messages'):
             # Okay to continue with deleting openid
             return_to = request.urlgen(
                 'mediagoblin.plugins.openid.finish_delete')