[PATCH] privacy: don't tell users what is the reason for a failed login

Andrew Shadura andrew at shadura.me
Sat May 16 11:17:09 EDT 2015


On Sat, 16 May 2015 17:04:06 +0200
Andrew Shadura <andrew at shadura.me> wrote:

>                      raise formencode.Invalid(msg, value, state,
> -                        error_dict=dict(username=msg, password=msg2)
> +                        error_dict=dict(username=' ',password=msg)
>                      )
>      return _validator

I forgot to comment on this. This dict specifies which fields should be
assigned what error messages. If I pass msg as both, the same error
message is displayed twice, which is a bit ugly (even though it can be
solved using CSS, probably). If I pass just one, the other field isn't
highlighted. I haven't found a way in formencode to just highlight a
field without adding an error message to it, so I have worked it around
this way.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.sfconservancy.org/pipermail/kallithea-general/attachments/20150516/0156fb09/attachment.sig>

More information about the kallithea-general mailing list