From b83d693d23b3f1d96cfbe8ea7bd8b9cd404b7b7c Mon Sep 17 00:00:00 2001
From: silum <deneys.maartens@gmail.com>
Date: Fri, 3 Nov 2017 18:30:44 +0200
Subject: views.py: prevent exception on unknown user login

Attempting authentication without specifying a login, or when the login is not known, causes an unhandled exception to be raised in `security.py` because `None` is passed to `check_password()` as the hashed password to check against.
---
 docs/quick_tutorial/authentication/tutorial/views.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/docs/quick_tutorial/authentication/tutorial/views.py b/docs/quick_tutorial/authentication/tutorial/views.py
index b07538d5e..b2d9354ec 100644
--- a/docs/quick_tutorial/authentication/tutorial/views.py
+++ b/docs/quick_tutorial/authentication/tutorial/views.py
@@ -43,7 +43,8 @@ class TutorialViews:
         if 'form.submitted' in request.params:
             login = request.params['login']
             password = request.params['password']
-            if check_password(password, USERS.get(login)):
+            hashed_pw = USERS.get(login)
+            if hashed_pw and check_password(password, hashed_pw):
                 headers = remember(request, login)
                 return HTTPFound(location=came_from,
                                  headers=headers)
-- 
cgit v1.2.3


From 5fc14d6868898d7b6044086638ebe9c2c5ed1b71 Mon Sep 17 00:00:00 2001
From: silum <deneys.maartens@gmail.com>
Date: Fri, 3 Nov 2017 19:31:43 +0200
Subject: views.py: prevent exception on unknown user login

---
 docs/quick_tutorial/authorization/tutorial/views.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/docs/quick_tutorial/authorization/tutorial/views.py b/docs/quick_tutorial/authorization/tutorial/views.py
index b2dc905c0..3876efb1c 100644
--- a/docs/quick_tutorial/authorization/tutorial/views.py
+++ b/docs/quick_tutorial/authorization/tutorial/views.py
@@ -45,7 +45,8 @@ class TutorialViews:
         if 'form.submitted' in request.params:
             login = request.params['login']
             password = request.params['password']
-            if check_password(password, USERS.get(login)):
+            hashed_pw = USERS.get(login)
+            if hashed_pw and check_password(password, hashed_pw):
                 headers = remember(request, login)
                 return HTTPFound(location=came_from,
                                  headers=headers)
-- 
cgit v1.2.3


From 39984a54ad37ba5f2fb14761fb2e06c0c12b1c8f Mon Sep 17 00:00:00 2001
From: silum <deneys.maartens@gmail.com>
Date: Fri, 3 Nov 2017 19:37:58 +0200
Subject: CONTRIBUTORS.txt: add my name

---
 CONTRIBUTORS.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CONTRIBUTORS.txt b/CONTRIBUTORS.txt
index a2f642c17..83469c14c 100644
--- a/CONTRIBUTORS.txt
+++ b/CONTRIBUTORS.txt
@@ -313,3 +313,4 @@ Contributors
 
 - Lars Blumberg, 2017/08/14
 
+- Deneys Maartens, 2017/11/03
-- 
cgit v1.2.3