--- a/pvl/login/server.py Mon Jan 13 21:14:30 2014 +0200
+++ b/pvl/login/server.py Mon Jan 13 21:14:52 2014 +0200
@@ -302,6 +302,9 @@
}
"""
+
+ login_failure = None
+
def process (self) :
self.process_cookie()
@@ -335,12 +338,17 @@
except pvl.login.auth.AuthError as ex :
self.alert('danger', "Internal authentication error, try again later?")
- if not set_pubtkt :
- self.alert('danger', "Invalid authentication credentials, try again.")
+ else :
+ if not set_pubtkt :
+ self.alert('danger', "Invalid authentication credentials, try again.")
elif self.pubtkt and self.pubtkt.valid() :
# renew manually if valid
set_pubtkt = self.app.renew(self.pubtkt)
+
+ # a POST request that does not modify state is a failure
+ if not set_pubtkt :
+ self.login_failure = True
elif 'renew' in self.request.args :
# renew automatically if in grace period
@@ -365,6 +373,11 @@
return response
+ def status (self) :
+ if self.login_failure :
+ return 400
+ else :
+ return 200
def render (self) :
domain = self.app.login_domain
@@ -512,9 +525,14 @@
if not auth :
return None
+ tokens = list(self._auth.access(auth))
+ udata = self._auth.userdata(auth)
+
return pubtkt.PubTkt.new(username,
valid = self.login_valid,
grace = self.login_grace,
+ tokens = tokens,
+ udata = udata,
)
def sign (self, pubtkt) :