CGI.redirect(CGI.action('login', why = 'AUTHFAIL'))
else:
t = mint_token(u)
- CGI.redirect(CGI.action('list'),
+ CGI.redirect(CGI.action('list', u),
set_cookie = CGI.cookie('chpwd-token', t,
httponly = True,
+ secure = CGI.SSLP,
path = CFG.SCRIPT_NAME,
max_age = (CFG.SECRETLIFE -
CFG.SECRETFRESH)))