Return an error when token/new is not accessed via POST, fixes #2

jpulgarin · Aug 31, 2011 · 9414ed0 · 9414ed0
1 parent c155205
commit 9414ed0
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/tokenapi/views.py b/tokenapi/views.py
@@ -17,13 +17,14 @@ def token_new(request):
                 password=request.POST['password'])
             if user:
                 data = {
-                    'success': True,
                     'token': token_generator.make_token(user),
                     'user': user.pk,
                 }
                 return JSONResponse(data)
             else:
-                return JSONError("Unable to log you in, please try again")
+                return JSONError("Unable to log you in, please try again.")
+    else:
+        return JSONError("Must access via a POST request.")
 
 # Checks if a given token and user pair is valid
 # token/:token/:user.json
@@ -37,7 +38,6 @@ def token(request, token, user):
         return JSONError("User does not exist.")
     if token_generator.check_token(user, 
         token): 
-        data['success'] = True
+        return JSONResponse({})
     else:
         return JSONError("Token did not match user.")
-    return JSONResponse(data)