[4.0.x] Avoided suggestion of plain text database password in sessions topic.

Backport of ccafad2e42 from main
This commit is contained in:
Luke Plant 2022-01-04 05:47:24 +00:00 committed by Mariusz Felisiak
parent fe59bf202d
commit 7753169585
1 changed files with 1 additions and 1 deletions

View File

@ -417,7 +417,7 @@ This simplistic view logs in a "member" of the site::
def login(request):
m = Member.objects.get(username=request.POST['username'])
if m.password == request.POST['password']:
if m.check_password(request.POST['password']):
request.session['member_id'] = m.id
return HttpResponse("You're logged in.")
else: