use strict;
+# Force scripts/locales.pl to parse these templates:
+# parse_html_template('login_screen/auth_db_unreachable')
+# parse_html_template('login_screen/user_login')
+# parse_html_template('generic/error')
+
BEGIN {
- unshift @INC, "modules/override"; # Use our own versions of various modules (e.g. YAML).
- push @INC, "modules/fallback"; # Only use our own versions of modules if there's no system version.
+ use SL::System::Process;
+ my $exe_dir = SL::System::Process::exe_dir;
+
+ unshift @INC, "${exe_dir}/modules/override"; # Use our own versions of various modules (e.g. YAML).
+ push @INC, "${exe_dir}/modules/fallback"; # Only use our own versions of modules if there's no system version.
+ unshift @INC, $exe_dir;
}
use CGI qw( -no_xhtml);
use List::Util qw(first);
use POSIX;
use SL::Auth;
+use SL::Dispatcher::AuthHandler;
use SL::LXDebug;
use SL::LxOfficeConf;
use SL::Locale;
my $self = bless {}, $class;
$self->{interface} = lc($interface || 'cgi');
+ $self->{auth_handler} = SL::Dispatcher::AuthHandler->new;
return $self;
}
::run();
::end_of_request();
} else {
- show_error('login/auth_db_unreachable');
+ show_error('login_screen/auth_db_unreachable');
}
}
}
$::lxdebug->enter_sub;
my $template = shift;
my $error_type = shift || '';
+ my %params = @_;
- $::locale = Locale->new($::lx_office_conf{system}->{language});
+ $::myconfig{countrycode} = delete($params{countrycode}) || $::lx_office_conf{system}->{language};
+ $::locale = Locale->new($::myconfig{countrycode});
$::form->{error} = $::locale->text('The session is invalid or has expired.') if ($error_type eq 'session');
- $::form->{error} = $::locale->text('Incorrect password!.') if ($error_type eq 'password');
- $::myconfig{countrycode} = $::lx_office_conf{system}->{language};
- $::form->{stylesheet} = 'css/lx-office-erp.css';
+ $::form->{error} = $::locale->text('Incorrect password!') if ($error_type eq 'password');
$::form->header;
- print $::form->parse_html_template($template);
+ print $::form->parse_html_template($template, \%params);
$::lxdebug->leave_sub;
::end_of_request();
sub _require_controller {
my $controller = shift;
$controller =~ s|[^A-Za-z0-9_]||g;
+ $controller = "SL/Controller/${controller}";
eval {
package main;
- require "SL/Controller/${controller}.pm";
+ require "${controller}.pm";
} or die $EVAL_ERROR;
}
my ($script, $path, $suffix, $script_name, $action, $routing_type);
- $script_name = $ENV{SCRIPT_NAME};
-
$self->unrequire_bin_mozilla;
$::locale = Locale->new($::lx_office_conf{system}->{language});
$::form->read_cgi_input;
- eval { ($routing_type, $script_name, $action) = _route_request($script_name); 1; } or return;
+ eval { ($routing_type, $script_name, $action) = _route_request($ENV{SCRIPT_NAME}); 1; } or return;
if ($routing_type eq 'old') {
$::form->{action} = lc $::form->{action};
$::form->error($::locale->text('System currently down for maintenance!')) if -e ($::lx_office_conf{paths}->{userspath} . "/nologin") && $script ne 'admin';
- if ($script eq 'login' or $script eq 'admin') {
- $::form->{titlebar} = "Lx-Office " . $::locale->text('Version') . " $::form->{version}";
- ::run($session_result);
+ # For compatibility with a lot of database upgrade scripts etc:
+ # Re-write request to old 'login.pl?action=login' to new
+ # 'LoginScreen' controller. Make sure to load its code!
+ if (($script eq 'login') && ($action eq 'login')) {
+ ($routing_type, $script, $script_name, $action) = qw(controller controller LoginScreen login);
+ _require_controller('LoginScreen');
+ }
- } else {
- show_error('login/password_error', 'session') if SL::Auth::SESSION_EXPIRED == $session_result;
- %::myconfig = $::auth->read_user(login => $::form->{login});
+ if (($script eq 'login') && !$action) {
+ print $::request->{cgi}->redirect('controller.pl?action=LoginScreen/user_login');
- show_error('login/password_error', 'password') unless $::myconfig{login};
+ } elsif ($script eq 'admin') {
+ $::form->{titlebar} = "kivitendo " . $::locale->text('Version') . " $::form->{version}";
+ ::run($session_result);
- $::locale = Locale->new($::myconfig{countrycode});
+ } else {
+ show_error('login_screen/user_login', 'session') if SL::Auth::SESSION_EXPIRED == $session_result;
- show_error('login/password_error', 'password') if SL::Auth::OK != $::auth->authenticate($::form->{login}, $::form->{password});
+ my %auth_result = $self->{auth_handler}->handle(
+ routing_type => $routing_type,
+ script => $script,
+ controller => $script_name,
+ action => $action,
+ );
- $::auth->store_credentials_in_session(login => $::form->{login}, password => $::form->{password});
- $::auth->create_or_refresh_session;
- $::auth->delete_session_value('FLASH');
- delete $::form->{password};
+ delete @{ $::form }{ grep { m/^\{AUTH\}/ } keys %{ $::form } } unless $auth_result{keep_auth_vars};
if ($action) {
- $::instance_conf->init;
+ $::instance_conf->init if $auth_result{auth_level} eq 'user';
- map { $::form->{$_} = $::myconfig{$_} } qw(stylesheet charset)
+ map { $::form->{$_} = $::myconfig{$_} } qw(charset)
unless $action eq 'save' && $::form->{type} eq 'preferences';
$::form->set_standard_title;
if ($EVAL_ERROR ne END_OF_REQUEST) {
print STDERR $EVAL_ERROR;
$::form->{label_error} = $::request->{cgi}->pre($EVAL_ERROR);
+ chdir SL::System::Process::exe_dir;
eval { show_error('generic/error') };
}
};
my @old_files = grep { -f "config/${_}" } qw(authentication.pl console.conf lx-erp.conf lx-erp-local.conf);
return unless @old_files;
- $::form->{title} = $::locale->text('Old configuration files');
- $::form->{stylesheet} = 'lx-office-erp.css';
+ $::form->{title} = $::locale->text('Old configuration files');
$::form->header;
- print $::form->parse_html_template('login/old_configuration_files', { FILES => \@old_files });
+ print $::form->parse_html_template('login_screen/old_configuration_files', { FILES => \@old_files });
::end_of_request();
}