Hi,
I have a problem with the ldap auth since I upgraded my application from web2py 2.14.6 on Python 2.7 to the current web2py 2.18.5 on Python 3.7.
In the old version when I logged in with incorrect credentials it would reload the login page:
on the new version the login form's variables are displayed in the url
I have not really changed anything in the app, only the fixed the syntax for Python 3.
I was looking through the Auth and related classes in gluon, but I cannot figure out what may have changed and I am not that knowledgeable about how html forms work to produce this behaviour.
I am generating the auth form with the basic 'form=auth()' in the user controller/view.
Besides the obvious security issue, it results in an error when I enter the correct password on the next attempt, because now 2 passwords are sent in a list in request.vars.
Any ideas?
Many thanks!
Fred