This repository has been archived by the owner on Feb 22, 2024. It is now read-only.
Make SECURITY_POST_LOGIN_VIEW work when 'next' is blank #261
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
If a user goes directly to /login, the value of 'next' is the empty string in the login form. This change updates validate_redirect_url() so that the empty string does not validate, and get_post_action_redirect() will fall through as expected to SECURITY_POST_LOGIN_VIEW.
My new Mac OS 10.9 system doesn't include "mock", and it's required for the test suite to run.
Additional code is required to properly initalize pytest-cache when it's installed into a local egg in the current working directory.
Fix from here:
https://bitbucket.org/hpk42/pytest-cache/issue/8/pytest-cache-plugin-not-loading-when-using
Without this, I get:
.....
running build_ext
usage: setup.py [options] [file_or_dir] [file_or_dir] [...]
setup.py: error: unrecognized arguments: --clearcache
|
@danpat Thanks for catching this, this is clearly an issue, however I'm not too keen on the testing changes you've made. I don't see why mock is need nor do I see why I should change setup.py to work with your environment. |
danpat
pushed a commit
to danpat/flask-security
that referenced
this pull request
Oct 5, 2014
galeo
pushed a commit
to galeo/flask-security-outdated
that referenced
this pull request
Mar 4, 2020
Continued integrating unified sign in into other features. We use an un-guessable password (not an empty) one in the user DB record - this makes sure we don't let folks log in w/o any password, and keeps the DB Column definition of 'non-null' the same. Added "password" explicitly as a US_ENABLED_METHODS - this actually allows an admin to NOT allow password login - or to JUST use passwords with this new endpoint.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
If a user goes directly to /login, the value of 'next' is the empty string in the login form.
This change updates validate_redirect_url() so that the empty string does not validate, and get_post_action_redirect() will fall through as expected to SECURITY_POST_LOGIN_VIEW.