9822: Check *all* cookies (not just the last cookie) for a notebook t…

…oken
sagemath · Sep 29, 2010 · ed1c4f6 · ed1c4f6
1 parent 3da2cae
commit ed1c4f6
Showing 1 changed file with 2 additions and 4 deletions.
diff --git a/sagenb/notebook/guard.py b/sagenb/notebook/guard.py
@@ -260,15 +260,13 @@ def getCredentials(self, request):
         if request.args.get('startup_token', [''])[0]:
             import avatars
             return avatars.TokenCred(request.args.get('startup_token', [''])[0])
+        username = password = 'COOKIESDISABLED'
         if request.headers.getHeader('cookie'):
             for C in request.headers.getHeader('cookie'):
                 if C.name == 'cookie_test_%s' % twist.notebook.port:
                     username = request.args.get('email', [''])[0]
                     password = request.args.get('password', [''])[0]
-                else:
-                    username = password = 'COOKIESDISABLED'
-        else:
-            username = password = 'COOKIESDISABLED'
+                    break
         return credentials.UsernamePassword(username, password)
 
     def _loginSuccess(self, (iface, rsrc, logout), session, creds, segments):