From 4665d8b9627e465cc61c8d1624a549a7c2c2709a Mon Sep 17 00:00:00 2001
From: mdipierro <massimo.dipierro@gmail.com>
Date: Thu, 26 Jul 2012 17:42:20 -0500
Subject: [PATCH] issue 909, secure login_bare, thanks szimszon

---
 VERSION        | 2 +-
 gluon/tools.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/VERSION b/VERSION
index f31afd5b..747c91ff 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-Version 2.00.0 (2012-07-26 17:37:45) dev
+Version 2.00.0 (2012-07-26 17:42:17) dev
diff --git a/gluon/tools.py b/gluon/tools.py
index 48943cb4..28e7129b 100644
--- a/gluon/tools.py
+++ b/gluon/tools.py
@@ -1627,7 +1627,7 @@ class Auth(object):
             userfield = 'email'
         passfield = self.settings.password_field
         user = self.db(table_user[userfield] == username).select().first()
-        if user:
+        if user and user.get(passfield,False):
             password = table_user[passfield].validate(password)[0]
             if not user.registration_key and password == user[passfield]:
                 user = Storage(table_user._filter_fields(user, id=True))