Hi all,
I've recently updated to svn trunk and I think the new HMAC changes
are causing me an issue.
I have a custom admin view that handles uploads from the YUI flash
uploader. Unfortunately the flash applet doesn't send cookies with it,
so in order to check authentication in the page javascript I send the
session id in the post data.
This means in the view I have to manually check the session. This was
all working before, but now when I call "get_decoded()" I always get a
suspicious operation. I've deleted all my existing session data and I
still get it.
I've included some code below, I don't know if there's any other debug
output that could be helpful though.
try:
session = Session.objects.get(pk=session_id)
except Session.DoesNotExist:
raise PermissionDenied
userid = session.get_decoded().get('_auth_user_id', None)
Given enough time I could probably figure this out, but I'm wondering
if this counts as a backwards incompatible change or whether I've just
missed something in the docs etc
Cheers,
Peter
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
