[FIX] /web/login restore request.uid in case of authentication failure

bzr revid: fme@openerp.com-20140423100749-t4y4oi01tszn3z5a
2014-04-23 12:07:49 +02:00 · 2014-04-23 12:07:49 +02:00 · 679d278d25
parent b6d83483b2
commit 679d278d25
1 changed files with 2 additions and 0 deletions
--- a/addons/web/controllers/main.py
+++ b/addons/web/controllers/main.py
@ -682,9 +682,11 @@ class Home(http.Controller):
            redirect = '/web?' + request.httprequest.query_string
        values['redirect'] = redirect
        if request.httprequest.method == 'POST':
+            old_uid = request.uid
            uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password'])
            if uid is not False:
                return http.redirect_with_hash(redirect)
+            request.uid = old_uid
            values['error'] = "Wrong login/password"
        return render_bootstrap_template('web.login', values)