In addition to fixing #616 and #667, my recent commit to the identity framework addresses the flaws highlighted by Paul Boehm (regarding a security hole when forwarding in the login handler) and Baruch Even (not seeing a message for invalid credentials during a login attempt).
I also added a function to identity to check whether a login was attempted. It's conveniently named: was_login_attempted. You can see an example of this in use in the updated login controller method in quickstarted projects. Please let me know whether I fat-fingered anything or if I left my brain switched off again... Jeff -- Jeff Watkins [EMAIL PROTECTED] "We're growing the government at a pace that makes Democrats look thrifty." -- Senator Lindsey Graham (R South Carolina) --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears Trunk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/turbogears-trunk -~----------~----~----~----~------~----~------~--~---
