diff options
Diffstat (limited to 'jimbrella/auth.py')
-rw-r--r-- | jimbrella/auth.py | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/jimbrella/auth.py b/jimbrella/auth.py index c7e2fa3..39d355b 100644 --- a/jimbrella/auth.py +++ b/jimbrella/auth.py @@ -38,19 +38,22 @@ def auth(action): if not check_password_hash(user["password"], password): return show_error("login", "Incorrect password. Sorry.") - else: + elif action == "register": if not ACCEPT_NEW_USERS: return show_error("register", "Sorry, but user registrations are closed.") try: users.register(username, generate_password_hash(password), "en-US") except UsernameTakenError as e: return show_error("register", e.message) + else: + abort(400) # give access session.clear() session["username"] = username return redirect(url_for("admin.index")) + @bp.route("/logout") def logout(): session.pop("username", None) |