changeset 15:431bd76aabb7

slightly less stupid exception handling
author Jeff Hammel <jhammel@mozilla.com>
date Tue, 13 Jul 2010 12:31:13 -0700
parents 372a913c1051
children 52713d176ab9
files bitsyauth/__init__.py
diffstat 1 files changed, 3 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/bitsyauth/__init__.py
+++ b/bitsyauth/__init__.py
@@ -354,17 +354,19 @@ class BitsyAuth(object):
             auth, global_conf, secret,
             cookie_name=self.cookie, logout_path='/logout')
 
     def __call__(self, environ, start_response):
         if environ['PATH_INFO'] == '/logout':
             pass
         try:
             return self.cookie_handler(environ, start_response)
-        except:
+        except auth_tkt.BadTicket:
+            environ.pop('HTTP_COOKIE') # kill all cookies!  bad! XXX
+            return self.cookie_handler(environ, start_response)
             return self.logout(environ, start_response)
 
     def logout(self, environ, start_response):
         req = Request(environ)
         keys = [ 'REMOTE_USER' ]
         #        keys = [ 'REMOTE_USER', 'AUTH_TYPE', 'paste.auth.cookie', 'paste.cookies', 'HTTP_COOKIE' ]  # XXX zealous kill
         for key in keys:
             req.environ.pop(key, None)