Projet

Général

Profil

0001-misc-require-user-to-be-logged-in-to-access-password.patch

Frédéric Péters, 14 juin 2016 09:35

Télécharger (1,5 ko)

Voir les différences: 

Subject: [PATCH] misc: require user to be logged in to access password change
 view (#11318)


 src/authentic2/profile_urls.py | 4 ++++
 1 file changed, 4 insertions(+)
src/authentic2/profile_urls.py
1 1 
from django.conf.urls import patterns, url
2 2 
from django.contrib.auth import views as auth_views, REDIRECT_FIELD_NAME
3 
from django.contrib.auth.decorators import login_required
3 4 
from django.core.urlresolvers import reverse
4 5 
from django.http import HttpResponseRedirect
5 6 
from django.contrib import messages
6 7 
from django.utils.translation import ugettext as _
8 
from django.views.decorators.debug import sensitive_post_parameters
7 9 

  		




  8
  10
  
    
from authentic2.utils import import_module_or_class, redirect

  		




  9
  11
  
    
from . import app_settings, decorators, profile_views

  		




  ......




  13
  15
  
    
CHANGE_PASSWORD_FORM_CLASS = import_module_or_class(

  		




  14
  16
  
    
        app_settings.A2_REGISTRATION_CHANGE_PASSWORD_FORM_CLASS)

  		




  15
  17
  
    

  		




  
  18
  
    
@sensitive_post_parameters()

  		




  
  19
  
    
@login_required

  		




  16
  20
  
    
@decorators.setting_enabled('A2_REGISTRATION_CAN_CHANGE_PASSWORD')

  		




  17
  21
  
    
def password_change_view(request, *args, **kwargs):

  		




  18
  22
  
    
    post_change_redirect = kwargs.pop('post_change_redirect', None)

  		




  19
  
  
    
-