Fixed so empty credentials are tested

2025-03-20 06:50:23 +03:00 · 2015-11-16 12:35:12 +01:00 · 2015-11-16 12:35:12 +01:00 · 51fb42db10
commit 51fb42db10
parent a352059ddc
2 changed files with 11 additions and 4 deletions
--- a/server/src/uds/templates/uds/html5/login.html
+++ b/server/src/uds/templates/uds/html5/login.html
@ -72,7 +72,7 @@
 						    {% endfor %}
 						    <div class="form-group">
 				                <input id="id_{{form.user.name}}" name="{{form.user.name}}" type="text" class="form-control" placeholder="{% trans 'username'|capfirst %}" autofocus required>
-				                <input id="id_{{form.password.name}}" name="{{form.password.name}}" type="password" class="form-control" placeholder="{% trans 'password'|capfirst %}">
+				                <input id="id_{{form.password.name}}" name="{{form.password.name}}" type="password" class="form-control" placeholder="{% trans 'password'|capfirst %}" required>
 				                {{ form.authenticator }}
 			                </div>
 			                <button class="btn btn-lg btn-primary btn-block" type="submit"><span class="fa fa-sign-in"></span> {% trans 'Sign in' %}</button>
--- a/server/src/uds/web/views/login.py
+++ b/server/src/uds/web/views/login.py
@ -34,6 +34,7 @@ from django.http import HttpResponse, HttpResponseRedirect
 from django.shortcuts import render_to_response
 from django.template import RequestContext
 from django.core.urlresolvers import reverse
+from django.utils.translation import ugettext

 from uds.core.auths.auth import webLogin, authenticate, authLogLogin, authLogLogout, getUDSCookie, webLoginRequired, webLogout
 from uds.models import Authenticator
@ -48,7 +49,7 @@ import uds.web.errors as errors
 import logging

 logger = logging.getLogger(__name__)
-__updated__ = '2015-05-12'
+__updated__ = '2015-11-16'


 def login(request, tag=None):
@ -100,14 +101,18 @@ def login(request, tag=None):
                form.add_form_error('Too many authentication errors. User temporarily  blocked.')
                authLogLogin(request, authenticator, userName, 'Temporarily blocked')
            else:
-                user = authenticate(userName, form.cleaned_data['password'], authenticator)
+                password = form.cleaned_data['password']
+                user = None
+                if password == '':
+                    password = 'axd56adhg466jasd6q8sadñ€sáé--v'
+                user = authenticate(userName, password, authenticator)
                logger.debug('User: {}'.format(user))

                if user is None:
                    logger.debug("Invalid credentials for user {0}".format(userName))
                    tries += 1
                    cache.put(cacheKey, tries, GlobalConfig.LOGIN_BLOCK.getInt())
-                    form.add_form_error('Invalid credentials')
+                    form.add_form_error(ugettext('Invalid credentials'))
                    authLogLogin(request, authenticator, userName, 'Invalid credentials')
                else:
                    logger.debug('User {} has logged in'.format(userName))
@ -118,6 +123,8 @@ def login(request, tag=None):
                    request.session['OS'] = os
                    authLogLogin(request, authenticator, user.name)
                    return response
+        else:
+            logger.info('Invalid form received')
    else:
        form = LoginForm(tag=tag)