From 77531695850befad4dda7f9a0ce9e78b131ab5e1 Mon Sep 17 00:00:00 2001 From: Luke Plant Date: Tue, 4 Jan 2022 05:47:24 +0000 Subject: [PATCH] [4.0.x] Avoided suggestion of plain text database password in sessions topic. Backport of ccafad2e429468c518c80fb178f9e7a3f06e78e1 from main --- docs/topics/http/sessions.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/topics/http/sessions.txt b/docs/topics/http/sessions.txt index 9c662b87b5..34dabdd536 100644 --- a/docs/topics/http/sessions.txt +++ b/docs/topics/http/sessions.txt @@ -417,7 +417,7 @@ This simplistic view logs in a "member" of the site:: def login(request): m = Member.objects.get(username=request.POST['username']) - if m.password == request.POST['password']: + if m.check_password(request.POST['password']): request.session['member_id'] = m.id return HttpResponse("You're logged in.") else: