author | Wookey <wookey@wookware.org> | 2013-07-02 18:10:45 +0100 |
---|---|---|
committer | Wookey <wookey@wookware.org> | 2013-07-02 18:10:45 +0100 |
commit | d1ad8730d7e43275c7c6dc6a8b10c279b8e4cdbd (patch) | |
tree | a46680958c03a10630bf3f72eef53c2e19fc8741 /registration/forms.py | |
parent | f626d3304dc88cb54ee86ef3c964110a69082134 (diff) | |
Add CSRF protection to registration form (and remove annoying second
password)
Diffstat (limited to 'registration/forms.py')
-rw-r--r-- | registration/forms.py | 13 |
1 files changed, 5 insertions, 8 deletions
diff --git a/registration/forms.py b/registration/forms.py index 2f591d4..9b68279 100644 --- a/registration/forms.py +++ b/registration/forms.py @@ -15,15 +15,15 @@ from registration.models import RegistrationProfile # on them with CSS or JavaScript if they have a class of "required" # in the HTML. Your mileage may vary. If/when Django ticket #3515 # lands in trunk, this will no longer be necessary. -attrs_dict = { 'class': 'required' } +# This was fixed in 2007, so I guess we don't need this any more. [W] +#attrs_dict = { 'class': 'required' } class RegistrationForm(forms.Form): """ Form for registering a new user account. - Validates that the requested username is not already in use, and - requires the password to be entered twice to catch typos. + Validates that the requested username is not already in use. Subclasses should feel free to add any additional validation they need, but should either preserve the base ``save()`` or implement @@ -39,8 +39,7 @@ class RegistrationForm(forms.Form): label=_(u'email address')) password1 = forms.CharField(widget=forms.PasswordInput(attrs=attrs_dict, render_value=False), label=_(u'password')) - password2 = forms.CharField(widget=forms.PasswordInput(attrs=attrs_dict, render_value=False), - label=_(u'password (again)')) + def clean_username(self): """ @@ -62,9 +61,7 @@ class RegistrationForm(forms.Form): field. """ - if 'password1' in self.cleaned_data and 'password2' in self.cleaned_data: - if self.cleaned_data['password1'] != self.cleaned_data['password2']: - raise forms.ValidationError(_(u'You must type the same password each time')) + if 'password1' in self.cleaned_data: if len(self.cleaned_data['password1']) < 6: raise forms.ValidationError(_(u'Your password must be at least 6 characters')) return self.cleaned_data |
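Review bot: Commenting out `attrs_dict` in the first hunk leaves a dangling name: the unchanged `password1` line in the second hunk still passes `attrs=attrs_dict` to `forms.PasswordInput`, and the other fields of the class (outside the hunks) may do the same. Unless the name is defined somewhere not shown here, evaluating the class body raises `NameError` when `registration/forms.py` is imported, which would take the registration form down entirely. Either keep the assignment, or drop the argument from every widget in the same change, e.g. `widget=forms.PasswordInput(render_value=False)`.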
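Review bot: In the third hunk the 6-character length test is now the only password validation, and it sits in what appears to be the form-wide `clean()` (the method's signature and docstring start outside the hunk), so a failure is reported as a non-field error rather than next to the password input. A field-level `clean_password1()` would attach the message to the field and make the `'password1' in self.cleaned_data` guard unnecessary. With the confirmation field gone a mistyped password is stored as entered, so it is worth confirming that a password-reset path exists; the docstring above the check probably still describes comparing two fields and should be updated. A minimum of 6 characters is also low for an account password; consider raising it or reading it from a setting.

```python
def clean_password1(self):
    # Field-level check: the error renders beside the password input
    # instead of in non_field_errors().
    password = self.cleaned_data['password1']
    if len(password) < 6:
        raise forms.ValidationError(_(u'Your password must be at least 6 characters'))
    return password
```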