projects
/
kivitendo-erp.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Sessions: IP nicht bei IPv6 validieren.
[kivitendo-erp.git]
/
SL
/
Dispatcher
/
AuthHandler
/
User.pm
diff --git
a/SL/Dispatcher/AuthHandler/User.pm
b/SL/Dispatcher/AuthHandler/User.pm
index
150245c
..
a1a5bdc
100644
(file)
--- a/
SL/Dispatcher/AuthHandler/User.pm
+++ b/
SL/Dispatcher/AuthHandler/User.pm
@@
-1,37
+1,45
@@
package SL::Dispatcher::AuthHandler::User;
use strict;
package SL::Dispatcher::AuthHandler::User;
use strict;
-
use parent qw(Rose::Object);
use parent qw(Rose::Object);
+use SL::Layout::Dispatcher;
+
sub handle {
my ($self, %param) = @_;
my $login = $::form->{'{AUTH}login'} || $::auth->get_session_value('login');
sub handle {
my ($self, %param) = @_;
my $login = $::form->{'{AUTH}login'} || $::auth->get_session_value('login');
- $self->_error(%param) if !defined $login;
+ return $self->_error(%param) if !defined $login;
+
+ my $client_id = $::form->{'{AUTH}client_id'} || $::auth->get_session_value('client_id');
+ return $self->_error(%param) if !$client_id || !$::auth->set_client($client_id);
- %::myconfig =
$::auth->read_user(login => $login
);
+ %::myconfig =
User->get_default_myconfig($::auth->read_user(login => $login)
);
- $self->_error(%param) unless $::myconfig{login};
+
return
$self->_error(%param) unless $::myconfig{login};
$::locale = Locale->new($::myconfig{countrycode});
$::locale = Locale->new($::myconfig{countrycode});
+ $::request->{layout} = SL::Layout::Dispatcher->new(style => $::myconfig{menustyle});
- my $ok = $::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, $::form->{'{AUTH}password'}));
+ my $ok = $::auth->is_api_token_cookie_valid;
+ $ok ||= $::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, $::form->{'{AUTH}password'}));
$ok ||= !$::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, undef));
$ok ||= !$::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, undef));
- $self->_error(%param) if !$ok;
+
return
$self->_error(%param) if !$ok;
$::auth->create_or_refresh_session;
$::auth->delete_session_value('FLASH');
$::auth->create_or_refresh_session;
$::auth->delete_session_value('FLASH');
+ $::instance_conf->reload->data;
- return
%::myconfig
;
+ return
1
;
}
sub _error {
my $self = shift;
$::auth->punish_wrong_login;
}
sub _error {
my $self = shift;
$::auth->punish_wrong_login;
- SL::Dispatcher::show_error('login_screen/user_login', 'password', @_);
+ print $::request->{cgi}->redirect('controller.pl?action=LoginScreen/user_login&error=password');
+ return 0;
}
1;
}
1;