Richard Jones committed 046ffbe


  • Participants
  • Parent commits aebd9b2

Comments (0)

Files changed (2)

File templates/

+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "">
+<html xmlns:tal=""
+      xmlns:metal=""
+      metal:use-macro="standard_template/macros/page">
+  <metal:fill fill-slot="body">
+        <p>If you want to allow another site to access your PyPI account
+        you need to log into PyPI first.</p>
+  </metal:fill>
     def oauth_authorise(self):
         if 'oauth_token' not in self.form:
             raise FormRequest('oauth_token and oauth_callback are required')
+        if not self.authenticated:
+            self.write_template('',
+                title="OAuth authorisation attempt")
+            return
         oauth_token = self.form['oauth_token']
         oauth_callback = self.form['oauth_callback']
         if not ok:
             raise RedirectTemporary(oauth_callback)
-        # register the user agains the request token
+        # register the user against the request token
         s.authorize_token(oauth_token, self.username)
         # commit all changes now