Fix error returned from login plugins

Some login plugins use form based authentication and let the user retry on authentication errors. This is fine, however the wrong error code is returned in this case, 401 should be returned. Fixes: https://fedorahosted.org/ipsilon/ticket/94 Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Nathan Kinder <nkinder@redhat.com>
author: Simo Sorce <simo@redhat.com> 2015-03-17 19:01:59 -0400
committer: Simo Sorce <simo@redhat.com> 2015-03-17 20:37:19 -0400
commit: 0b40c36998ed29c7e98a8cf5f42a798e0bec0870 (patch)
tree: 751f561b495be02e5188dbe3a76a76352fad0bc3
parent: b6cf2a56cf951b059e2755742522413c304e858e (diff)
download: ipsilon-0b40c36998ed29c7e98a8cf5f42a798e0bec0870.tar.gz
ipsilon-0b40c36998ed29c7e98a8cf5f42a798e0bec0870.tar.xz
ipsilon-0b40c36998ed29c7e98a8cf5f42a798e0bec0870.zip
5 files changed, 7 insertions, 0 deletions
diff --git a/ipsilon/login/authfas.py b/ipsilon/login/authfas.py
index 46dd7b7..4ae0dc4 100644
--- a/ipsilon/login/authfas.py
+++ b/ipsilon/login/authfas.py
@@ -75,6 +75,7 @@ class FAS(LoginFormBase):
             error_password=not password,
             error_username=not username
         )
+        self.lm.set_auth_error()
         # pylint: disable=star-args
         return self._template(self.formtemplate, **context)
 
diff --git a/ipsilon/login/authldap.py b/ipsilon/login/authldap.py
index 0161abc..f383003 100644
--- a/ipsilon/login/authldap.py
+++ b/ipsilon/login/authldap.py
@@ -82,6 +82,7 @@ class LDAP(LoginFormBase, Log):
             error_password=not password,
             error_username=not username
         )
+        self.lm.set_auth_error()
         # pylint: disable=star-args
         return self._template('login/form.html', **context)
 
diff --git a/ipsilon/login/authpam.py b/ipsilon/login/authpam.py
index 104dd4c..ba8ecdd 100644
--- a/ipsilon/login/authpam.py
+++ b/ipsilon/login/authpam.py
@@ -61,6 +61,7 @@ class Pam(LoginFormBase):
             error_password=not password,
             error_username=not username
         )
+        self.lm.set_auth_error()
         # pylint: disable=star-args
         return self._template('login/form.html', **context)
 
diff --git a/ipsilon/login/authtest.py b/ipsilon/login/authtest.py
index 6c11ba1..d7a49d8 100644
--- a/ipsilon/login/authtest.py
+++ b/ipsilon/login/authtest.py
@@ -48,6 +48,7 @@ class TestAuth(LoginFormBase):
             error_password=not password,
             error_username=not username
         )
+        self.lm.set_auth_error()
         # pylint: disable=star-args
         return self._template('login/form.html', **context)
 
diff --git a/ipsilon/login/common.py b/ipsilon/login/common.py
index 60f6df1..a3020a4 100644
--- a/ipsilon/login/common.py
+++ b/ipsilon/login/common.py
@@ -122,6 +122,9 @@ class LoginManagerBase(PluginConfig, PluginObject):
 
         raise cherrypy.HTTPRedirect(transdata['login_return'])
 
+    def set_auth_error(self):
+        cherrypy.response.status = 401
+
     def get_tree(self, site):
         raise NotImplementedError
author	Simo Sorce <simo@redhat.com>	2015-03-17 19:01:59 -0400
committer	Simo Sorce <simo@redhat.com>	2015-03-17 20:37:19 -0400
commit	0b40c36998ed29c7e98a8cf5f42a798e0bec0870 (patch)
tree	751f561b495be02e5188dbe3a76a76352fad0bc3
parent	b6cf2a56cf951b059e2755742522413c304e858e (diff)
download	ipsilon-0b40c36998ed29c7e98a8cf5f42a798e0bec0870.tar.gz ipsilon-0b40c36998ed29c7e98a8cf5f42a798e0bec0870.tar.xz ipsilon-0b40c36998ed29c7e98a8cf5f42a798e0bec0870.zip