Roundup Tracker - Issues

Message5843

Author rouilj
Recipients ber, eadler, joseph_myers, rouilj, schlatterbeck
Date 2016-07-13.00:22:31
Message-id <1468369353.58.0.139192788586.issue2550690@psf.upfronthosting.co.za>
In-reply-to
I wonder if we could use the one time key mechanism used for password
resets here as well.

For each form we generate a template function that produces:

  <input type="hidden" name="otk" value=".....">

and change RetireAction, RestoreAction, EditCSVAction,
EditItemAction::handler, NewItemAction::handler, RegisterAction::handler,
(maybe SearchAction) to verify the otk against what is stored
in the session database.

Would this basic idea work?
History
Date                 User    Action  Args
2016-07-13 00:22:33  rouilj  set     messageid: <1468369353.58.0.139192788586.issue2550690@psf.upfronthosting.co.za>
2016-07-13 00:22:33  rouilj  set     recipients: + rouilj, schlatterbeck, ber, joseph_myers, eadler
2016-07-13 00:22:33  rouilj  link    issue2550690 messages
2016-07-13 00:22:32  rouilj  create
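
A minimal sketch of the flow proposed in the message above, added here as an illustration; it is not code from Roundup or from the message's author. `OtkStore`, `otk_field`, `handle_action` and the one-hour lifetime are hypothetical names and values, and a dict stands in for the session database.

```python
import html
import secrets
import time

OTK_LIFETIME = 3600  # seconds; assumed value, not taken from Roundup


class OtkStore:
    """In-memory stand-in for the tracker's session database (hypothetical)."""

    def __init__(self, clock=time.time):
        self._keys = {}      # otk -> (user id, expiry timestamp)
        self._clock = clock

    def issue(self, userid):
        """Create a fresh key bound to the user who requested the form."""
        otk = secrets.token_urlsafe(32)
        self._keys[otk] = (userid, self._clock() + OTK_LIFETIME)
        return otk

    def consume(self, otk, userid):
        """Return True once for a valid key; the key is deleted on any lookup."""
        entry = self._keys.pop(otk, None)
        if entry is None:
            return False              # unknown, missing, or already used
        owner, expires = entry
        return owner == userid and self._clock() <= expires


def otk_field(store, userid):
    """What the per-form template function would emit."""
    value = html.escape(store.issue(userid), quote=True)
    return '<input type="hidden" name="otk" value="%s">' % value


def handle_action(store, userid, form, action):
    """Gate a state-changing action (edit, retire, ...) on the submitted key."""
    if not store.consume(form.get("otk", ""), userid):
        raise PermissionError("missing or invalid one time key")
    return action()
```

Because the key is removed on every lookup, a replayed form, a key presented by a different user, and an expired key are all rejected the same way.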