diff options
| author | Wookey <wookey@wookware.org> | 2013-07-02 20:23:55 +0100 |
|---|---|---|
| committer | Wookey <wookey@wookware.org> | 2013-07-02 20:23:55 +0100 |
| commit | 5351108ec1b2325d47f6f9b7534991c1aa518d40 (patch) | |
| tree | 1beb74fb2d2d6328c90bf39aac9ddfb1e2669976 /registration/views.py | |
| parent | f3a570a21daa84e2e0abc079ef84f813aa15969a (diff) | |
| parent | 7759e481d46c60d129ab2d54f2813ecc27ec8ec6 (diff) | |
| download | troggle-5351108ec1b2325d47f6f9b7534991c1aa518d40.tar.gz troggle-5351108ec1b2325d47f6f9b7534991c1aa518d40.tar.bz2 troggle-5351108ec1b2325d47f6f9b7534991c1aa518d40.zip | |
merged in proper CSRF changes from server
Diffstat (limited to 'registration/views.py')
| -rw-r--r-- | registration/views.py | 18 |
1 files changed, 8 insertions, 10 deletions
diff --git a/registration/views.py b/registration/views.py index 5df17b4..9603b56 100644 --- a/registration/views.py +++ b/registration/views.py @@ -7,12 +7,13 @@ from django.contrib.auth import authenticate from django.conf import settings from django.core.urlresolvers import reverse -from django.core.context_processors import csrf from django.http import HttpResponseRedirect from django.shortcuts import render_to_response from django.template import RequestContext from django.contrib.auth import login - +#Add CSRF protection: +from django.core.context_processors import csrf +from django.shortcuts import render_to_response from registration.forms import RegistrationForm from registration.models import RegistrationProfile @@ -69,7 +70,6 @@ def activate(request, activation_key, c = {} c.update(csrf(request)) - activation_key = activation_key.lower() # Normalize before trying anything with it. account = RegistrationProfile.objects.activate_user(activation_key) try: @@ -81,11 +81,10 @@ def activate(request, activation_key, context = RequestContext(request) for key, value in extra_context.items(): context[key] = callable(value) and value() or value - # merge local settings dict with csrf token dict and render. (could use render()from django 1.34 onwards) return render_to_response(template_name, - c.update({ 'account': account, - 'expiration_days': settings.ACCOUNT_ACTIVATION_DAYS, 'settings':settings, }), - context_instance=context) + { 'account': account, + 'expiration_days': settings.ACCOUNT_ACTIVATION_DAYS, 'settings':settings}, + context_instance=context, c) def register(request, success_url=None, @@ -168,7 +167,6 @@ def register(request, success_url=None, context = RequestContext(request) for key, value in extra_context.items(): context[key] = callable(value) and value() or value - # merge local settings dict with csrf token dict and render. (could use render()from django 1.34 onwards) return render_to_response(template_name, - c.update({ 'form': form,'settings':settings }), - context_instance=context) + { 'form': form,'settings':settings }, + context_instance=context, c) |