diff options
| author | Steve Piercy <web@stevepiercy.com> | 2017-11-04 11:49:44 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-11-04 11:49:44 -0700 |
| commit | 5ce3e89fd7f001143df940467591a39e04962dad (patch) | |
| tree | 3db6e2d9d03d4d9c2590ee893d515cf24cf866f5 /docs | |
| parent | 0042089cbba09cdf801f2139169f8c4cde182eb1 (diff) | |
| parent | 39984a54ad37ba5f2fb14761fb2e06c0c12b1c8f (diff) | |
| download | pyramid-5ce3e89fd7f001143df940467591a39e04962dad.tar.gz pyramid-5ce3e89fd7f001143df940467591a39e04962dad.tar.bz2 pyramid-5ce3e89fd7f001143df940467591a39e04962dad.zip | |
Merge pull request #3196 from silum/patch-1
views.py: prevent exception on unknown user login
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/quick_tutorial/authentication/tutorial/views.py | 3 | ||||
| -rw-r--r-- | docs/quick_tutorial/authorization/tutorial/views.py | 3 |
2 files changed, 4 insertions, 2 deletions
diff --git a/docs/quick_tutorial/authentication/tutorial/views.py b/docs/quick_tutorial/authentication/tutorial/views.py index b07538d5e..b2d9354ec 100644 --- a/docs/quick_tutorial/authentication/tutorial/views.py +++ b/docs/quick_tutorial/authentication/tutorial/views.py @@ -43,7 +43,8 @@ class TutorialViews: if 'form.submitted' in request.params: login = request.params['login'] password = request.params['password'] - if check_password(password, USERS.get(login)): + hashed_pw = USERS.get(login) + if hashed_pw and check_password(password, hashed_pw): headers = remember(request, login) return HTTPFound(location=came_from, headers=headers) diff --git a/docs/quick_tutorial/authorization/tutorial/views.py b/docs/quick_tutorial/authorization/tutorial/views.py index b2dc905c0..3876efb1c 100644 --- a/docs/quick_tutorial/authorization/tutorial/views.py +++ b/docs/quick_tutorial/authorization/tutorial/views.py @@ -45,7 +45,8 @@ class TutorialViews: if 'form.submitted' in request.params: login = request.params['login'] password = request.params['password'] - if check_password(password, USERS.get(login)): + hashed_pw = USERS.get(login) + if hashed_pw and check_password(password, hashed_pw): headers = remember(request, login) return HTTPFound(location=came_from, headers=headers) |