0001-misc-require-user-to-be-logged-in-to-access-password.patch
src/authentic2/profile_urls.py | ||
---|---|---|
1 | 1 |
from django.conf.urls import patterns, url |
2 | 2 |
from django.contrib.auth import views as auth_views, REDIRECT_FIELD_NAME |
3 |
from django.contrib.auth.decorators import login_required |
|
3 | 4 |
from django.core.urlresolvers import reverse |
4 | 5 |
from django.http import HttpResponseRedirect |
5 | 6 |
from django.contrib import messages |
6 | 7 |
from django.utils.translation import ugettext as _ |
8 |
from django.views.decorators.debug import sensitive_post_parameters |
|
7 | 9 | |
8 | 10 |
from authentic2.utils import import_module_or_class, redirect |
9 | 11 |
from . import app_settings, decorators, profile_views |
... | ... | |
13 | 15 |
CHANGE_PASSWORD_FORM_CLASS = import_module_or_class( |
14 | 16 |
app_settings.A2_REGISTRATION_CHANGE_PASSWORD_FORM_CLASS) |
15 | 17 | |
18 |
@sensitive_post_parameters() |
|
19 |
@login_required |
|
16 | 20 |
@decorators.setting_enabled('A2_REGISTRATION_CAN_CHANGE_PASSWORD') |
17 | 21 |
def password_change_view(request, *args, **kwargs): |
18 | 22 |
post_change_redirect = kwargs.pop('post_change_redirect', None) |
19 |
- |