bodhi/templates/master.html | 12 ++++++++++-- bodhi/templates/master.kid | 13 +++++++++++-- 2 files changed, 21 insertions(+), 4 deletions(-)
New commits: commit e72d070d00303e041c091876197871e3b4b47cb7 Author: Toshio Kuratomi toshio@fedoraproject.org Date: Thu Oct 27 11:35:34 2011 -0700
Change login link so that it can be friendlier if only a missing csrf_token is preventing a use from being deemed logeed in.
diff --git a/bodhi/templates/master.html b/bodhi/templates/master.html index 6ee26c8..387db05 100644 --- a/bodhi/templates/master.html +++ b/bodhi/templates/master.html @@ -106,8 +106,16 @@ $(document).ready(function() { </li> <li class="release"><a href="${tg.url('/comments')}" class="link">Comments</a><a href="${tg.url('/rss/rss2.0?comments=True')}" class="rsslink"><img src="${tg.url('/static/images/rss.png')}" /></a> </li> - <li py:if="not tg.identity.anonymous"><a href="${tg.url('/logout')}">Logout</a></li> - <li py:if="tg.identity.anonymous"><a href="${tg.url('/login')}">Login</a></li> + <li py:if="tg.identity.anonymous and not tg.identity.only_token"> + <a href="${tg.url('/login')}">Login</a> + </li> + <li py:if="tg.identity.anonymous and tg.identity.only_token"> + <a href="${tg.url(tg.request.path_info)}">CSRF protected<br /> + Verify Login</a> + </li> + <li py:if="not tg.identity.anonymous or tg.identity.only_token"> + <a href="${tg.url('/logout')}">Logout</a> + </li> </ul> </div> <!-- leftside END --> diff --git a/bodhi/templates/master.kid b/bodhi/templates/master.kid index f31bd89..3e7bcca 100644 --- a/bodhi/templates/master.kid +++ b/bodhi/templates/master.kid @@ -88,8 +88,17 @@ $(document).ready(function() { </ul> </div> <ul id="fedora-side-nav"> - <li py:if="not tg.identity.anonymous"><a href="${tg.url('/logout')}">Logout</a></li> - <li py:if="tg.identity.anonymous"><a href="${tg.url('/login')}">Login</a></li> + <li py:if="tg.identity.anonymous and not tg.identity.only_token"> + <a href="${tg.url('/login')}">Login</a> + </li> + <li py:if="tg.identity.anonymous and tg.identity.only_token"> + <a href="${tg.url(tg.request.path_info)}"> + CSRF protected<br /> + Verify Login</a> + </li> + <li py:if="not tg.identity.anonymous or tg.identity.only_token"> + <a href="${tg.url('/logout')}">Logout</a> + </li> <li><a href="${tg.url('/')}">${tg.identity.anonymous and ' ' or "%s's " % tg.identity.user_name}Home</a></li> <li py:if="not tg.identity.anonymous"><a href="${tg.url('/mine')}">My Updates (${PackageUpdate.select(PackageUpdate.q.submitter == tg.identity.user_name).count()})</a></li> <li py:if="not tg.identity.anonymous"><a href="${tg.url('/new/')}">New Update</a></li>