[PATCH] privacy: don't tell users what is the reason for a failed login
Andrew Shadura
andrew at shadura.me
Thu May 21 03:41:12 EDT 2015
Hello,
On Tue, 19 May 2015 17:15:30 +0200
Mads Kiilerich <mads at kiilerich.com> wrote:
> I think the current implementation is wrong when it does any kind of
> login verification in the user friendly form code. The authentication
> should be done explicitly in the controller. (That would also make
> the email login simpler.)
I agree.
> So while this patch makes it less wrong, I still think it is a bit
> pointless.
But meanwhile, are you okay with pushing those?
--
Cheers,
Andrew
More information about the kallithea-general
mailing list