diff options
| author | Alexander Sulfrian <alexander@sulfrian.net> | 2016-01-24 03:55:49 +0100 |
|---|---|---|
| committer | Alexander Sulfrian <alexander@sulfrian.net> | 2016-02-02 04:22:16 +0100 |
| commit | 5e7e7fc832d26178a6036ed483fe3cfffe2b22b2 (patch) | |
| tree | c74302270b7c262d744876f1d2f93bc84c44a2ba /accounts/views/default | |
| parent | 6eb1db6bff15e1611767f5219ee1b4ea558e3d28 (diff) | |
| download | web-5e7e7fc832d26178a6036ed483fe3cfffe2b22b2.tar.gz web-5e7e7fc832d26178a6036ed483fe3cfffe2b22b2.tar.bz2 web-5e7e7fc832d26178a6036ed483fe3cfffe2b22b2.zip | |
Encrypt the session data by default
Before we just encrypted the password, now we encrypt the whole session
information by default.
Diffstat (limited to 'accounts/views/default')
| -rw-r--r-- | accounts/views/default/__init__.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/accounts/views/default/__init__.py b/accounts/views/default/__init__.py index c2099d5..52edb10 100644 --- a/accounts/views/default/__init__.py +++ b/accounts/views/default/__init__.py @@ -133,7 +133,7 @@ def lost_password_complete(token): current_app.user_backend.update(user, as_admin=True) session['username'] = username - session['password'] = encrypt_password(form.password.data) + session['password'] = form.password.data flash(u'Passwort geändert.', 'success') return redirect(url_for('.settings')) @@ -179,7 +179,7 @@ def settings(): if form.password.data: g.user.change_password(form.password.data, form.old_password.data) - session['password'] = encrypt_password(form.password.data) + session['password'] = form.password.data flash(u'Passwort geändert', 'success') changed = True |