issue 909, secure login_bare, thanks szimszon

2012-07-26 17:42:20 -05:00
parent 80a635f5ef
commit 4665d8b962
2 changed files with 2 additions and 2 deletions
@@ -1 +1 @@
-Version 2.00.0 (2012-07-26 17:37:45) dev
+Version 2.00.0 (2012-07-26 17:42:17) dev
@@ -1627,7 +1627,7 @@ class Auth(object):
            userfield = 'email'
        passfield = self.settings.password_field
        user = self.db(table_user[userfield] == username).select().first()
-        if user:
+        if user and user.get(passfield,False):
            password = table_user[passfield].validate(password)[0]
            if not user.registration_key and password == user[passfield]:
                user = Storage(table_user._filter_fields(user, id=True))