Commits

Anonymous committed 0ef2e7f

handle logout and expired sessions better

Comments (0)

Files changed (2)

devauth/__init__.py

                 html_escape(back))
         template = HTMLTemplate.from_filename(os.path.join(os.path.dirname(__file__), 'login.html'))
         resp = Response(template.substitute(req=req, msg=msg, back=back, middleware=self))
-        resp.delete_cookie('__devauth')
+        try:
+            if req.cookies.get('__devauth'):
+                self.read_cookie(req, req.cookies['__devauth'])
+        except exc.HTTPException:
+            # This means the cookie is invalid
+            resp.delete_cookie('__devauth')
         return resp
 
     def check_login(self, username, password):
         Logout
         """
         back = req.GET.get('back', '/')
-        resp = exc.HTTPFound(back)
+        resp = exc.HTTPFound(location=back)
         resp.delete_cookie('__devauth')
         return resp
 

devauth/login.html

   <tr>
     <td>Username:</td>
     <td><input type="text" name="username" value="{{req.params.get('username')}}"
-         style="width: 15em">
+         style="width: 15em" id="username">
     </td>
   </tr>
   <tr>
 
 </form>
 
+<script type="text/javascript">
+document.getElementById('username').focus();
+</script>
+
 </body> </html>