Merge pull request #772 from yodax/generic-login-message
Make control panel login failed messages generic - don't reveal if an email address has an account on the system.
This commit is contained in:
commit
252c35c66e
1 changed files with 2 additions and 2 deletions
|
@ -43,7 +43,7 @@ def authorized_personnel_only(viewfunc):
|
|||
except ValueError as e:
|
||||
# Authentication failed.
|
||||
privs = []
|
||||
error = str(e)
|
||||
error = "Incorrect username or password"
|
||||
|
||||
# Authorized to access an API view?
|
||||
if "admin" in privs:
|
||||
|
@ -119,7 +119,7 @@ def me():
|
|||
except ValueError as e:
|
||||
return json_response({
|
||||
"status": "invalid",
|
||||
"reason": str(e),
|
||||
"reason": "Incorrect username or password",
|
||||
})
|
||||
|
||||
resp = {
|
||||
|
|
Loading…
Reference in a new issue