Commits

Zhang Huangbin  committed e77207e

Handle empty username/password.

  • Participants
  • Parent commits 46ab12e

Comments (0)

Files changed (2)

File controllers/ldap/basic.py

         i = web.input()
 
         username = web.safestr(i.get('username').strip())
+        password = i.get('password').strip()
+        save_pass = web.safestr(i.get('save_pass', 'no').strip())
+
+        if len(username) == 0 or len(password) == 0:
+            return render.login(msg='EMPTY_USER_PW')
 
         # Convert username to ldap dn.
         userdn = ldaputils.convEmailToAdminDN(username)
-        if not userdn:
-            return render.login(msg='INVALID_USERNAME')
-
-        password = i.get('password').strip()
-        save_pass = web.safestr(i.get('save_pass', 'no').strip())
 
         # Return True if auth success, otherwise return error msg.
         self.auth_result = auth.Auth(userdn, password)

File templates/default/ldap/login.html

 
     {# Show error msg if available #}
     {% if msg is defined and msg is not sameas none %}
-    <div class="ct-box error-box">
-        <p class="warn"><strong>{{ _('Error:') }}</strong>
+    <div class="ct-box warn-box">
+        <div class="error"><strong>{{ _('Error:') }}</strong>
         {% if msg == 'INVALID_CREDENTIALS' %}
             {{ _('Username or password is incorrect.') }}
         {% elif msg == 'INVALID_USERNAME' %}
             {{ _('Username must be an valid email address.') }}
         {% elif msg == 'loginRequired' %}
             {{ _('Login required') }}
+        {% elif msg == 'EMPTY_USER_PW' %}
+            {{ _('Username or password is empty.') }}
         {% elif msg == 'SERVER_DOWN' %}
             {{ _('Server is down, Please contact <a href="mailto:%s">webmaster</a> to solve it.' % webmaster ) }}
         {% elif msg is sameas false %}
         {% else %}
             {{msg}}
         {% endif %}
-        </p>
+        </div>
     </div>
     {% endif %}