--- a/src/pyams_security/views/login.py Mon Dec 11 15:25:18 2017 +0100
+++ b/src/pyams_security/views/login.py Thu Dec 14 12:19:33 2017 +0100
@@ -35,6 +35,7 @@
from pyams_utils.text import text_to_html
from pyams_utils.traversing import get_parent
from pyams_viewlet.viewlet import viewlet_config, Viewlet
+from pyramid.csrf import new_csrf_token
from pyramid.events import subscriber
from pyramid.httpexceptions import HTTPFound
from pyramid.response import Response
@@ -101,6 +102,10 @@
ajax_handler = 'login.json'
edit_permission = None
+ def update(self):
+ super(LoginForm, self).update()
+ new_csrf_token(self.request)
+
def updateActions(self):
super(LoginForm, self).updateActions()
if 'login' in self.actions: