more tweaks to ensure all auth is done over SSL, and then redirects to non-SSL

a4ed1525 · Ben Adida · 808d4f5a · a4ed1525 · a4ed1525
Commit a4ed1525 authored 14 years ago by Ben Adida
--- a/auth/templates/login_box.html
+++ b/auth/templates/login_box.html
@@ -17,7 +17,7 @@
 </form>
 {% else %}
 <p>
-    <a href="{% url auth.views.start system_name=auth_system %}?return_url={{return_url}}" style="font-size: 1.4em;">
+    <a href="{{SECURE_URL_HOST}}{% url auth.views.start system_name=auth_system %}?return_url={{return_url}}" style="font-size: 1.4em;">
 <img border="0" height="35" src="/static/auth/login-icons/{{auth_system}}.png" alt="{{auth_system}}" /> {{auth_system}}
 {% endifequal %}
 </a>

--- a/helios/views.py
+++ b/helios/views.py
@@ -421,7 +421,7 @@ def one_election_cast(request, election):
  on a GET, this is a cancellation, on a POST it's a cast
  """
  if request.method == "GET":
-    return HttpResponseRedirect(reverse(one_election_view, args = [election.uuid]))
+    return HttpResponseRedirect("%s%s" % (settings.URL_HOST, reverse(one_election_view, args = [election.uuid])))
    
  user = get_user(request)    
  encrypted_vote = request.POST['encrypted_vote']