Avoids HTTP 403 on reset password, seehttps://docs.djangoproject.com/en/dev/ref/contrib/csrf/#ref-contrib-csrf.
--- a/src/cm/settings.py Tue May 15 14:15:34 2012 +0200
+++ b/src/cm/settings.py Thu May 17 23:58:03 2012 +0200
@@ -78,6 +78,7 @@
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.locale.LocaleMiddleware',
'djangoflash.middleware.FlashMiddleware',
+ 'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'cm.middleware.CmMiddleware',
)
--- a/src/cm/templates/site/forgot_pw.html Tue May 15 14:15:34 2012 +0200
+++ b/src/cm/templates/site/forgot_pw.html Thu May 17 23:58:03 2012 +0200
@@ -14,7 +14,7 @@
<h1>{% blocktrans %}Reset my password{% endblocktrans %}</h1>
{% if form %}
-<form id="profile" enctype="multipart/form-data" class="wizard-form" action="." method="post">
+<form id="profile" enctype="multipart/form-data" class="wizard-form" action="." method="post">{% csrf_token %}
<table class="wide_form">
<tbody>
@@ -45,4 +45,4 @@
<br />
<br />
{% endif %}
-{% endblock %}
\ No newline at end of file
+{% endblock %}
--- a/src/cm/templates/site/login_form.html Tue May 15 14:15:34 2012 +0200
+++ b/src/cm/templates/site/login_form.html Thu May 17 23:58:03 2012 +0200
@@ -1,7 +1,7 @@
{% load i18n %}
<div id="login_container">
-<form id="login" enctype="multipart/form-data" class="wizard-form" action="{% url login %}" method="post">
+<form id="login" enctype="multipart/form-data" class="wizard-form" action="{% url login %}" method="post">{% csrf_token %}
<div class="underline_border">
{% blocktrans with CONF.workspace_name as wname %}{{ wname }} Login{% endblocktrans %}
--- a/src/cm/templates/site/reset_pw.html Tue May 15 14:15:34 2012 +0200
+++ b/src/cm/templates/site/reset_pw.html Thu May 17 23:58:03 2012 +0200
@@ -27,4 +27,4 @@
</tbody>
</table>
</form>
-{% endblock %}
\ No newline at end of file
+{% endblock %}