From 20fa25931626e768df6a9bc3c9271283c4cf0e15 Mon Sep 17 00:00:00 2001
From: Rebecca Law <rebecca.law@digital.cabinet-office.gov.uk>
Date: Thu, 10 Dec 2015 14:51:20 +0000
Subject: [PATCH] 109526036: Removed sms code from the session on sign-in

---
 app/main/views/sign_in.py | 1 -
 1 file changed, 1 deletion(-)

diff --git a/app/main/views/sign_in.py b/app/main/views/sign_in.py
index f7bfeccc7..ec34f349e 100644
--- a/app/main/views/sign_in.py
+++ b/app/main/views/sign_in.py
@@ -28,7 +28,6 @@ def process_sign_in():
         if checkpw(form.password.data, user.password):
             sms_code = send_sms_code(user.id, user.mobile_number)
             session['user_id'] = user.id
-            session['sms_code'] = hashpw(sms_code)
         else:
             users_dao.increment_failed_login_count(user.id)
             return jsonify(authorization=False), 401