On Sun, 2013-03-10 at 11:29 +0100, Pierre-Yves Chibon wrote:
The idea here is to prevent someone from login in via the API
mechanism and performs action which are outside of the API.
Arf, sorry I mixed up the reference email, this one has a fix rather
+ flask.g.user = user
It kind of doesn't work without this :)