enabling the CSRF protection middleware and adding the {% csrf_token %} tag to the...

[osqa.git] / forum / skins / default / templates / auth / auth_settings.html

diff --git a/forum/skins/default/templates/auth/auth_settings.html b/forum/skins/default/templates/auth/auth_settings.html
index 3e3200772aa1ffa2d90a07e14d2175291a382258..969036d6c499650c900381ca809df8c95d6c6533 100644 (file)
--- a/forum/skins/default/templates/auth/auth_settings.html
+++ b/forum/skins/default/templates/auth/auth_settings.html
@@ -19,19 +19,21 @@
 {% ifequal view_user request.user %}
     <input type="button" class="submit" value="{% trans "Add new provider" %}" onclick="window.location='{% url user_add_external_provider %}'" />
 {% endifequal %}
+{% if allow_local_auth %}
 {% if has_password %}
     <p class="message">{% blocktrans %}This is where you can change your password. Make sure you remember it!{% endblocktrans %}</p>
-{% endif %}
-{% if not has_password %}
+{% else %}
     <p class="message">{% blocktrans %}You can set up a password for your account, so you can login using standard username and password!{% endblocktrans %}</p>
 {% endif %}
 <div class="aligned">
        <form action="" method="post" accept-charset="utf-8">
+        {% csrf_token %}
         <ul id="changepw-form" class="form-horizontal-rows">
         {{form.as_ul}}
         </ul>
         <div class="submit-row"><input type="submit" class="submit" value="{% if has_password %}{% trans "Change password" %}{% endif %}{% if not has_password %}{% trans "Create password" %}{% endif %}" /></div>
        </form>
        </div>
+{% endif %}
 {% endblock %}
 <!-- end changepw.html -->