You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by br...@apache.org on 2014/03/25 15:27:42 UTC
[44/50] git commit: [#6701] Improve reliability of auth check
[#6701] Improve reliability of auth check
Signed-off-by: Cory Johns <cj...@slashdotmedia.com>
Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/a71aa702
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/a71aa702
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/a71aa702
Branch: refs/heads/db/5995
Commit: a71aa702e39696a5d40eb6fb3ade7dc7739d7429
Parents: 0bbf17d
Author: Cory Johns <cj...@slashdotmedia.com>
Authored: Tue Mar 18 21:35:43 2014 +0000
Committer: Cory Johns <cj...@slashdotmedia.com>
Committed: Thu Mar 20 18:43:46 2014 +0000
----------------------------------------------------------------------
scripts/ApacheAccessHandler.py | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/allura/blob/a71aa702/scripts/ApacheAccessHandler.py
----------------------------------------------------------------------
diff --git a/scripts/ApacheAccessHandler.py b/scripts/ApacheAccessHandler.py
index 19c5207..585c6b2 100644
--- a/scripts/ApacheAccessHandler.py
+++ b/scripts/ApacheAccessHandler.py
@@ -81,8 +81,9 @@ def check_authentication(req):
auth_url = req.get_options().get('ALLURA_AUTH_URL', 'https://127.0.0.1/auth/do_login')
r = requests.post(auth_url, allow_redirects=False, params={
'username': req.user,
- 'password': req.get_basic_auth_pw()})
- return r.status_code == 302
+ 'password': req.get_basic_auth_pw(),
+ 'return_to': '/login_successful'})
+ return r.status_code == 302 and r.headers['location'].endswith('/login_successful')
def check_permissions(req):