# HG changeset patch
# User paulb
# Date 1085864965 0
# Node ID d475f56082c504f29e9fbb110b421df37c51743c
# Parent  ecc6825a869fa3c5f07f403094d2d30543dc1fc5
[project @ 2004-05-29 21:09:25 by paulb]
Added encoding of redirect URL information.
Fixed the case where cookie values can be None.

diff -r ecc6825a869f -r d475f56082c5 examples/Common/LoginRedirect/__init__.py
--- a/examples/Common/LoginRedirect/__init__.py	Sat May 29 21:08:48 2004 +0000
+++ b/examples/Common/LoginRedirect/__init__.py	Sat May 29 21:09:25 2004 +0000
@@ -42,9 +42,15 @@
         else:
             # Redirect to the login URL.
 
-            trans.set_header_value("Location", "%s?redirect=%s%s" % (self.login_url, self.app_url, trans.get_path()))
+            trans.set_header_value("Location", "%s?redirect=%s%s" % (self.login_url, self.app_url, self._encode(trans.get_path())))
             trans.set_response_code(307)
 
+    def _encode(self, url):
+
+        "Encode the given 'url' for redirection purposes."
+
+        return url.replace("?", "%3f").replace("&", "%26")
+
 class LoginRedirectAuthenticator:
 
     """
@@ -63,7 +69,7 @@
         "Authenticate the originator of 'trans', updating the object if successful."
 
         cookie = trans.get_cookie(self.cookie_name)
-        if cookie is None:
+        if cookie is None or cookie.value is None:
             return 0
 
         # Test the token from the cookie against a recreated token using the
@@ -71,7 +77,6 @@
         # NOTE: This should be moved into a common library.
 
         username, code = cookie.value.split(":")
-        print "*", username, code
         if code == md5.md5(username + self.secret_key).hexdigest():
 
             # Update the transaction with the user details.