From: Matthijs Kooijman <matthijs@stdin.nl>
Date: Fri, 1 Feb 2008 11:31:10 +0000 (+0100)
Subject:  * Let newly created phpbb users get an unusable password.
X-Git-Url: https://git.stderr.nl/gitweb?p=matthijs%2Fprojects%2Fxerxes.git;a=commitdiff_plain;h=889fc62a39fd7ea0f1ff70178be4fabf634e9097

 * Let newly created phpbb users get an unusable password.
 * Add a conn.close() to prevent resource leaks.
 * Remove debug output from auth.py
---

diff --git a/auth.py b/auth.py
index 88f9f63..64f4daf 100644
--- a/auth.py
+++ b/auth.py
@@ -63,7 +63,7 @@ class PhpBBBackend:
 
         # No data? No login.
         if (cursor.rowcount == 0):
-            print("User %s not found", username)
+            conn.close()
             return False
        
         # Check password
@@ -82,21 +82,18 @@ class PhpBBBackend:
     Most of this code has been taken from Django's user auth tutorial.
     """
     def authenticate(self, username=None, password=None):
-        print password
         email = self.check_login(username, password)
         if email:
-            print "Login checked out"
             try:
                 user = User.objects.get(username=username)
             except User.DoesNotExist:
-                print "User did nog exist"
                 # Create a new user. Note that we can set password
                 # to anything, because it won't be checked; the password
                 # from settings.py will.
                 user = User(username=username, password='get from settings.py')
                 user.email = email
+                user.set_unusable_password()
                 user.save()
-            print user
             return user
         else:
             return None