Permalink
Browse files

don't present meaningless username option in notebook

username isn't used for anything other than hash input
for authentication, so remove the field in the login form
and just use a uuid.
  • Loading branch information...
1 parent 9ba28df commit 29cdf0f60aedcc534347c934218bd4851bd9da75 @minrk committed Sep 6, 2011
@@ -18,6 +18,7 @@
import logging
import Cookie
+import uuid
from tornado import web
from tornado import websocket
@@ -68,7 +69,7 @@ def get(self):
def post(self):
pwd = self.get_argument("password", default=u'')
if self.application.password and pwd == self.application.password:
- self.set_secure_cookie("user", self.get_argument("name", default=u''))
+ self.set_secure_cookie("user", str(uuid.uuid4()))
url = self.get_argument("next", default="/")
self.redirect(url)
@@ -41,7 +41,6 @@
<div id="content_panel">
<form action="/login" method="post">
- Name: <input type="text" name="name" value="{{user_id}}">
Password: <input type="password" name="password">
<input type="submit" value="Sign in">
</form>

0 comments on commit 29cdf0f

Please sign in to comment.