Merge pull request #143 from Tivix/issue_116_fix_csrf_tokens_email_login

mariodev · mariodev · commit 7bd792480152 · 2015-12-22T08:46:01.000+01:00
fix demo by add csrf and modify account settings
diff --git a/demo/demo/settings.py b/demo/demo/settings.py
@@ -106,9 +106,9 @@
 REST_SESSION_LOGIN = False
 EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
 SITE_ID = 1
-ACCOUNT_EMAIL_REQUIRED = True
+ACCOUNT_EMAIL_REQUIRED = False
 ACCOUNT_AUTHENTICATION_METHOD = 'username'
-ACCOUNT_EMAIL_VERIFICATION = 'mandatory'
+ACCOUNT_EMAIL_VERIFICATION = 'optional'
 
 REST_FRAMEWORK = {
     'DEFAULT_AUTHENTICATION_CLASSES': (
diff --git a/demo/templates/fragments/email_verification_form.html b/demo/templates/fragments/email_verification_form.html
@@ -1,5 +1,5 @@
 <!-- Signup form -->
-<form class="form-horizontal ajax-post" role="form" action="{% url 'rest_verify_email' %}">
+<form class="form-horizontal ajax-post" role="form" action="{% url 'rest_verify_email' %}">{% csrf_token %}
   <div class="form-group">
     <label for="key" class="col-sm-2 control-label">Key</label>
     <div class="col-sm-10">
diff --git a/demo/templates/fragments/login_form.html b/demo/templates/fragments/login_form.html
@@ -1,5 +1,5 @@
 <!-- Signup form -->
-<form class="form-horizontal ajax-post" role="form" action="{% url 'rest_login' %}">
+<form class="form-horizontal ajax-post" role="form" action="{% url 'rest_login' %}">{% csrf_token %}
   <div class="form-group">
     <label for="username" class="col-sm-2 control-label">Username</label>
     <div class="col-sm-10">
diff --git a/demo/templates/fragments/password_change_form.html b/demo/templates/fragments/password_change_form.html
@@ -1,6 +1,5 @@
 <!-- Signup form -->
-<form class="form-horizontal ajax-post" role="form" action="{% url 'rest_password_change' %}">
-
+<form class="form-horizontal ajax-post" role="form" action="{% url 'rest_password_change' %}">{% csrf_token %}
   <div class="form-group">
     <label for="new_password1" class="col-sm-2 control-label">Password</label>
     <div class="col-sm-10">
diff --git a/demo/templates/fragments/password_reset_confirm_form.html b/demo/templates/fragments/password_reset_confirm_form.html
@@ -1,5 +1,5 @@
 <!-- Signup form -->
-<form class="form-horizontal ajax-post" role="form" action="{% url 'rest_password_reset_confirm' %}">
+<form class="form-horizontal ajax-post" role="form" action="{% url 'rest_password_reset_confirm' %}">{% csrf_token %}
   <div class="form-group">
     <label for="uid" class="col-sm-2 control-label">Uid</label>
     <div class="col-sm-10">
diff --git a/demo/templates/fragments/password_reset_form.html b/demo/templates/fragments/password_reset_form.html
@@ -1,5 +1,5 @@
 <!-- Signup form -->
-<form class="form-horizontal ajax-post" role="form" action="{% url 'rest_password_reset' %}">
+<form class="form-horizontal ajax-post" role="form" action="{% url 'rest_password_reset' %}">{% csrf_token %}
   <div class="form-group">
     <label for="email" class="col-sm-2 control-label">E-mail</label>
     <div class="col-sm-10">
diff --git a/demo/templates/fragments/signup_form.html b/demo/templates/fragments/signup_form.html
@@ -1,5 +1,5 @@
 <!-- Signup form -->
-<form class="form-horizontal ajax-post" id="signup" role="form" action="{% url 'rest_register' %}">
+<form class="form-horizontal ajax-post" id="signup" role="form" action="{% url 'rest_register' %}">{% csrf_token %}
   <div class="form-group">
     <label for="email" class="col-sm-2 control-label">Email</label>
     <div class="col-sm-10">
diff --git a/demo/templates/fragments/user_details_form.html b/demo/templates/fragments/user_details_form.html
@@ -1,5 +1,5 @@
 <!-- Signup form -->
-<form class="form-horizontal" id="signup" role="form" action="{% url 'rest_user_details' %}">
+<form class="form-horizontal" id="signup" role="form" action="{% url 'rest_user_details' %}">{% csrf_token %}
 
   <div class="form-group">
     <label for="email" class="col-sm-2 control-label">Email</label>
