diff --git a/auth/auth_systems/password.py b/auth/auth_systems/password.py
index e9b6e0f5d97a71d0e5dbcd8a9a7182af9ccd419c..f57dfb79cdbce8c40199ae42096afb0072e09d36 100644
--- a/auth/auth_systems/password.py
+++ b/auth/auth_systems/password.py
@@ -57,7 +57,7 @@ def password_login_view(request):
if request.POST.has_key('return_url'):
request.session['auth_return_url'] = request.POST.get('return_url')
- request.session['user'] = user
+ request.session['password_user'] = user
return HttpResponseRedirect(reverse(after))
except User.DoesNotExist:
pass
@@ -101,7 +101,7 @@ def get_auth_url(request, redirect_url = None):
return reverse(password_login_view)
def get_user_info_after_auth(request):
- user = request.session['user']
+ user = request.session['password_user']
user_info = user.info
return {'type': 'password', 'user_id' : user.user_id, 'name': user.name, 'info': user.info, 'token': None}
diff --git a/auth/views.py b/auth/views.py
index 7aef37c3d9b55498e87e106e22d631655b6af2c5..605fe175fc09ecb28bedbd439505e433718658cf 100644
--- a/auth/views.py
+++ b/auth/views.py
@@ -81,6 +81,12 @@ def do_local_logout(request):
# but we definitely kill the session and renew
# the cookie
field_names_to_save = request.session.get(FIELDS_TO_SAVE, [])
+
+ # let's clean up the self-referential issue:
+ field_names_to_save = set(field_names_to_save)
+ field_names_to_save.remove(FIELDS_TO_SAVE)
+ field_names_to_save = list(field_names_to_save)
+
fields_to_save = dict([(name, request.session.get(name, None)) for name in field_names_to_save])
# let's not forget to save the list of fields to save
@@ -126,8 +132,9 @@ def logout(request):
def start(request, system_name):
if not (system_name in auth.ENABLED_AUTH_SYSTEMS):
return HttpResponseRedirect(reverse(index))
-
- request.session.save()
+
+ # why is this here? Let's try without it
+ # request.session.save()
# store in the session the name of the system used for auth
request.session['auth_system_name'] = system_name