[PATCH] privacy: don't tell users what is the reason for a failed login

Andrew Shadura andrew at shadura.me
Thu May 21 03:41:12 EDT 2015


On Tue, 19 May 2015 17:15:30 +0200
Mads Kiilerich <mads at kiilerich.com> wrote:

> I think the current implementation is wrong when it does any kind of 
> login verification in the user friendly form code. The authentication 
> should be done explicitly in the controller. (That would also make
> the email login simpler.)

I agree.

> So while this patch makes it less wrong, I still think it is a bit 
> pointless.

But meanwhile, are you okay with pushing those?


More information about the kallithea-general mailing list