diff options
| author | Adrian Holovaty <adrian@holovaty.com> | 2006-01-16 18:54:41 +0000 |
|---|---|---|
| committer | Adrian Holovaty <adrian@holovaty.com> | 2006-01-16 18:54:41 +0000 |
| commit | d5a5f0f79007fdb2302cf86d2bb97739964f0a03 (patch) | |
| tree | 6178f796c176662775b1a8edb8376485da238797 /django/contrib/admin/views/decorators.py | |
| parent | c4ab08a7a52be0ec99a0a5c5753f5959204d003a (diff) | |
Fixed #1234 -- Fixed admin problem with login status getting out of sync with multiple windows/tabs. Thanks, oggie rob
git-svn-id: http://code.djangoproject.com/svn/django/trunk@2010 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'django/contrib/admin/views/decorators.py')
| -rw-r--r-- | django/contrib/admin/views/decorators.py | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/django/contrib/admin/views/decorators.py b/django/contrib/admin/views/decorators.py index 4e65f87669..5ddc17fa85 100644 --- a/django/contrib/admin/views/decorators.py +++ b/django/contrib/admin/views/decorators.py @@ -3,7 +3,7 @@ from django.conf.settings import SECRET_KEY from django.models.auth import users from django.utils import httpwrappers from django.utils.translation import gettext_lazy -import base64, md5 +import base64, datetime, md5 import cPickle as pickle ERROR_MESSAGE = gettext_lazy("Please enter a correct username and password. Note that both fields are case-sensitive.") @@ -47,6 +47,10 @@ def staff_member_required(view_func): def _checklogin(request, *args, **kwargs): if not request.user.is_anonymous() and request.user.is_staff: # The user is valid. Continue to the admin page. + if request.POST.has_key('post_data'): + # User must have re-authenticated through a different window + # or tab. + request.POST = _decode_post_data(request.POST['post_data']) return view_func(request, *args, **kwargs) assert hasattr(request, 'session'), "The Django admin requires session middleware to be installed. Edit your MIDDLEWARE_CLASSES setting to insert 'django.middleware.sessions.SessionMiddleware'." @@ -84,6 +88,8 @@ def staff_member_required(view_func): else: if user.check_password(request.POST.get('password', '')): request.session[users.SESSION_KEY] = user.id + user.last_login = datetime.datetime.now() + user.save() if request.POST.has_key('post_data'): post_data = _decode_post_data(request.POST['post_data']) if post_data and not post_data.has_key(LOGIN_FORM_KEY): |