feed csrf token from 18

hjwp · hjwp · commit ead9eaf71144 · 2024-07-10T12:32:04.000+01:00
diff --git a/chapter_18_spiking_custom_auth.asciidoc b/chapter_18_spiking_custom_auth.asciidoc
@@ -842,6 +842,7 @@ form for the login email:
               class="form-control"
               placeholder="your@email.com"
             />
+            {% csrf_token %}
           </div>
         </form>
       </div>
diff --git a/chapter_19_mocking.asciidoc b/chapter_19_mocking.asciidoc
@@ -504,8 +504,7 @@ see if they start to make more sense as we use them more.
 
 
 
-Getting the FT a Little Further Along
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+==== Getting the FT a Little Further Along
 
 First let's get back to our FT and see where it's failing:
 
@@ -517,27 +516,23 @@ AssertionError: 'Check your email' not found in 'Superlists\nEnter email to log
 in:\nStart a new To-Do list'
 ----
 
-Submitting the email address currently has no effect, because the form isn't
-sending the data anywhere.  Let's wire it up in
-'base.html':footnote:[I've split
-the form tag across three lines so it fits nicely in the book. If
-you've not seen it before, it may look a little weird to you, but it is valid
-HTML.  You don't have to use it if you don't like it though. :)]
-
+Submitting the email address currently has no effect,
+because the form isn't sending the data anywhere.
+Let's wire it up in _base.html_:
 
 [role="sourcecode small-code"]
 .src/lists/templates/base.html (ch19l012)
 ====
 [source,html]
 ----
-<form class="navbar-form navbar-right"
-      method="POST"
-      action="{% url 'send_login_email' %}">
+<form method="POST" action="{% url 'send_login_email' %}">
 ----
 ====
 
-Does that help?  Nope, same error.  Why?  Because we're not actually displaying
-a success message after we send the user an email.   Let's add a test for that.
+Does that help?  Nope, same error.  Why?
+Because we're not actually displaying a success message
+after we send the user an email.
+Let's add a test for that.
 
 
 ==== Testing the Django Messages Framework
@@ -1850,16 +1845,24 @@ and non–logged-in users (which our FT relies on):
   <div class="container-fluid">
     <a class="navbar-brand" href="/">Superlists</a>
     {% if user.email %}
-      <!-- TODO put in a ul -->
-      <span class="navbar-text">Logged in as {{ user.email }}</span>
-      <a href="#">Log out</a>
+      <ul>
+        <span class="navbar-text">Logged in as {{ user.email }}</span>
+        <a href="{% url 'logout' %}">Log out</a>
+      </ul>
     {% else %}
-      <form class="navbar-form navbar-right"
-            method="POST"
-            action="{% url 'send_login_email' %}">
-        <span>Enter email to log in:</span>
-        <input class="form-control" name="email" type="text" />
-        {% csrf_token %}
+      <form method="POST" action="{% url 'send_login_email' %}">
+        <div class="input-group">
+          <label class="navbar-text me-2" for="id_email_input">
+            Enter your email to log in
+          </label>
+          <input
+            id="id_email_input"
+            name="email"
+            class="form-control"
+            placeholder="your@email.com"
+          />
+          {% csrf_token %}
+        </div>
       </form>
     {% endif %}
   </div>
diff --git a/source/chapter_19_mocking/superlists b/source/chapter_19_mocking/superlists
@@ -1 +1 @@
-Subproject commit 81ed4cdb3a17d687c1a7b0ab9fe1dbe5885820ed
+Subproject commit 743c209833496ce354fb850f04fd359af7c292fa

-Original file line number
+Diff line change
               class="form-control"
               placeholder="[email protected]"
             />
 +            {% csrf_token %}
           </div>
         </form>
       </div>