views.py: prevent exception on unknown user login
Attempting authentication without specifying a login, or when the login is not known, causes an unhandled exception to be raised in `security.py` because `None` is passed to `check_password()` as the hashed password to check against.
(cherry picked from commit b83d693)
| | |
|---|
| | | if 'form.submitted' in request.params: |
|---|
| | | login = request.params['login'] |
|---|
| | | password = request.params['password'] |
|---|
| | | if check_password(password, USERS.get(login)): |
|---|
| | | hashed_pw = USERS.get(login) |
|---|
| | | if hashed_pw and check_password(password, hashed_pw): |
|---|
| | | headers = remember(request, login) |
|---|
| | | return HTTPFound(location=came_from, |
|---|
| | | headers=headers) |
|---|
