From 9414ed044a7bf3384538a987eb109ebf5a8181ce Mon Sep 17 00:00:00 2001
From: Julian Pulgarin <jp@julianpulgarin.com>
Date: Wed, 31 Aug 2011 01:07:22 -0700
Subject: [PATCH] Return an error when token/new is not accessed via POST,
 fixes #2

---
 tokenapi/views.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tokenapi/views.py b/tokenapi/views.py
index 3067dad..8c943a1 100644
--- a/tokenapi/views.py
+++ b/tokenapi/views.py
@@ -17,13 +17,14 @@ def token_new(request):
                 password=request.POST['password'])
             if user:
                 data = {
-                    'success': True,
                     'token': token_generator.make_token(user),
                     'user': user.pk,
                 }
                 return JSONResponse(data)
             else:
-                return JSONError("Unable to log you in, please try again")
+                return JSONError("Unable to log you in, please try again.")
+    else:
+        return JSONError("Must access via a POST request.")
 
 # Checks if a given token and user pair is valid
 # token/:token/:user.json
@@ -37,7 +38,6 @@ def token(request, token, user):
         return JSONError("User does not exist.")
     if token_generator.check_token(user, 
         token): 
-        data['success'] = True
+        return JSONResponse({})
     else:
         return JSONError("Token did not match user.")
-    return JSONResponse(data)