#3815 return_to field not created in LoginForm

v1.2.0
closed
nobody
None
User
nobody
2015-08-20
2012-02-27
karsten
No

The login page does not actually render the return_to hidden field.

This prevents a users from bookmarking a link, and being able to visit it after logout... without clicking it twice.

The simplest fix which appears to work is:

diff --git a/Allura/allura/lib/widgets/auth_widgets.py b/Allura/allura/lib/widgets/auth_widgets.py
index dada798..2f7dfef 100644
--- a/Allura/allura/lib/widgets/auth_widgets.py
+++ b/Allura/allura/lib/widgets/auth_widgets.py
@@ -16,7 +16,6 @@ class LoginForm(ForgeForm):
     class fields(ew_core.NameList):
         username = ew.TextField(label='Username')
         password = ew.PasswordField(label='Password')
-    class hidden_fields(ew_core.NameList):
         return_to = ew.HiddenField()

     @validator

However, this may be naive. Another fix would be:

diff --git a/Allura/allura/templates/widgets/forge_form.html b/Allura/allura/templates/widgets/forge_form.html
index a997522..1efab5b 100644
--- a/Allura/allura/templates/widgets/forge_form.html
+++ b/Allura/allura/templates/widgets/forge_form.html
@@ -24,6 +24,9 @@
       {{field.display(**ctx)}}
     {% endif %}
   {% endfor %}
+  {% for field in widget.hidden_fields %}
+      {{field.display(**ctx)}}
+  {% endfor %}
   <label class="grid-4">&nbsp;</label>
   <div class="grid-{{15 + extra_width}}">
     {% for b in buttons %}

This would affect more things that use forge_form.

Discussion

  • Dave Brondsema

    Dave Brondsema - 2012-09-05
    • milestone: limbo --> forge-backlog
     

  • Dave Brondsema

    Dave Brondsema - 2014-03-26
    • status: open --> closed
    • Milestone: forge-backlog --> forge-apr-4
     

  • Dave Brondsema

    Dave Brondsema - 2015-01-05
    • Milestone: unreleased --> asf_release_1.2.0
     

Log in to post a comment.