Permalink
Browse files

disable csrf for login due to bug .. again

  • Loading branch information...
1 parent e866861 commit 530695f99fe4feba41abfe6fdc2bd8bcead49cac @ceari committed Apr 10, 2012
Showing with 2 additions and 8 deletions.
  1. +1 −7 edacc/templates/accounts/login.html
  2. +1 −1 edacc/views/accounts.py
@@ -3,9 +3,7 @@
{% block title %}Login{% endblock %}
{% block content %}
<h2>Login to {{db}}</h2>
-
<form action="{{url_for('accounts.login', database=database)}}" method="post">
- {{form.csrf}}
<table>
{{ render_field(form.email, size=40) }}
{{ render_field(form.password, size=40) }}
@@ -15,11 +13,7 @@
<input type="submit" value="Login" />
</form>
<div><a href="{{ url_for('accounts.reset_password', database=database) }}">Forgot your password?</a></div>
- {% if 'csrf' in form.errors %}
- <div class="form_error">
- Missing or invalid CSRF token. Refresh the page and try again.
- </div>
- {% endif %}
+
{% if db.competition_phase() in (1, 2) %}
<a href="{{url_for('accounts.register', database=database)}}">Register</a>
{% endif %}
View
@@ -180,7 +180,7 @@ def login(database):
only be logged in to one database at a time
"""
db = models.get_database(database) or abort(404)
- form = forms.LoginForm()
+ form = forms.LoginForm(csrf_enabled=False)
error = None
if form.validate_on_submit():

0 comments on commit 530695f

Please sign in to comment.