From f90d871fb68d0ac8edd3e2949b7cebefa3637865 Mon Sep 17 00:00:00 2001
From: mdipierro <massimo.dipierro@gmail.com>
Date: Wed, 14 Nov 2012 14:12:32 -0600
Subject: [PATCH] fixed issue 1158, redirect client_side in auth forms embedded
 via LOAD, thanks PyCon support

---
 VERSION        |  2 +-
 gluon/http.py  |  2 +-
 gluon/tools.py | 31 ++++++++++++++++---------------
 3 files changed, 18 insertions(+), 17 deletions(-)

diff --git a/VERSION b/VERSION
index b80cd69e..156b9d80 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-Version 2.2.1 (2012-11-14 13:47:50) stable
+Version 2.2.1 (2012-11-14 14:12:26) stable
diff --git a/gluon/http.py b/gluon/http.py
index bd1f1411..c0dc1f9e 100644
--- a/gluon/http.py
+++ b/gluon/http.py
@@ -154,4 +154,4 @@ def redirect(location='', how=303, client_side=False):
         from gluon import current
         if client_side and current.request.ajax:
             raise HTTP(200, **{'web2py-component-command': 'window.location.reload(true)'})
-    
\ No newline at end of file
+    
diff --git a/gluon/tools.py b/gluon/tools.py
index af1356d7..694413c9 100644
--- a/gluon/tools.py
+++ b/gluon/tools.py
@@ -2066,7 +2066,8 @@ class Auth(object):
                     # invalid login
                     session.flash = self.messages.invalid_login
                     redirect(
-                        self.url(args=request.args, vars=request.get_vars))
+                        self.url(args=request.args, vars=request.get_vars),
+                        client_side=True)
 
         else:
             # use a central authentication server
@@ -2082,7 +2083,7 @@ class Auth(object):
             else:
                 # we need to pass through login again before going on
                 next = self.url(self.settings.function, args='login')
-                redirect(cas.login_url(next))
+                redirect(cas.login_url(next), client_side=True)
 
         # process authenticated users
         if user:
@@ -2105,14 +2106,14 @@ class Auth(object):
                 if next == session._auth_next:
                     session._auth_next = None
                 next = replace_id(next, form)
-                redirect(next)
+                redirect(next, client_side=True)
             table_user[username].requires = old_requires
             return form
         elif user:
             callback(onaccept, None)
         if next == session._auth_next:
             del session._auth_next
-        redirect(next)
+        redirect(next, client_side=True)
 
     def logout(self, next=DEFAULT, onlogout=DEFAULT, log=DEFAULT):
         """
@@ -2163,7 +2164,7 @@ class Auth(object):
         response = current.response
         session = current.session
         if self.is_logged_in():
-            redirect(self.settings.logged_url)
+            redirect(self.settings.logged_url, client_side=True)
         if next is DEFAULT:
             next = self.next or self.settings.register_next
         if onvalidation is DEFAULT:
@@ -2279,7 +2280,7 @@ class Auth(object):
                 next = self.url(args=request.args)
             else:
                 next = replace_id(next, form)
-            redirect(next)
+            redirect(next, client_side=True)
         return form
 
     def is_logged_in(self):
@@ -2527,7 +2528,7 @@ class Auth(object):
                 raise Exception
         except Exception:
             session.flash = self.messages.invalid_reset_password
-            redirect(next)
+            redirect(next, client_side=True)
         passfield = self.settings.password_field
         form = SQLFORM.factory(
             Field('new_password', 'password',
@@ -2552,7 +2553,7 @@ class Auth(object):
             session.flash = self.messages.password_changed
             if self.settings.login_after_password_change:
                 self.login_user(user)
-            redirect(next)
+            redirect(next, client_side=True)
         return form
 
     def request_reset_password(
@@ -2610,10 +2611,10 @@ class Auth(object):
             user = table_user(email=form.vars.email)
             if not user:
                 session.flash = self.messages.invalid_email
-                redirect(self.url(args=request.args))
+                redirect(self.url(args=request.args), client_side=True)
             elif user.registration_key in ('pending', 'disabled', 'blocked'):
                 session.flash = self.messages.registration_pending
-                redirect(self.url(args=request.args))
+                redirect(self.url(args=request.args), client_side=True)
             if self.email_reset_password(user):
                 session.flash = self.messages.email_sent
             else:
@@ -2624,7 +2625,7 @@ class Auth(object):
                 next = self.url(args=request.args)
             else:
                 next = replace_id(next, form)
-            redirect(next)
+            redirect(next, client_side=True)
         # old_requires = table_user.email.requires
         return form
 
@@ -2669,7 +2670,7 @@ class Auth(object):
         """
 
         if not self.is_logged_in():
-            redirect(self.settings.login_url)
+            redirect(self.settings.login_url, client_side=True)
         db = self.db
         table_user = self.table_user()
         s = db(table_user.id == self.user.id)
@@ -2719,7 +2720,7 @@ class Auth(object):
                     next = self.url(args=request.args)
                 else:
                     next = replace_id(next, form)
-                redirect(next)
+                redirect(next, client_side=True)
         return form
 
     def profile(
@@ -2739,7 +2740,7 @@ class Auth(object):
 
         table_user = self.table_user()
         if not self.is_logged_in():
-            redirect(self.settings.login_url)
+            redirect(self.settings.login_url, client_side=True)
         passfield = self.settings.password_field
         table_user[passfield].writable = False
         request = current.request
@@ -2775,7 +2776,7 @@ class Auth(object):
                 next = self.url(args=request.args)
             else:
                 next = replace_id(next, form)
-            redirect(next)
+            redirect(next, client_side=True)
         return form
 
     def is_impersonating(self):