use SL::DB::AuthClient;
use SL::DB::AuthGroup;
use SL::DB::AuthUser;
+use SL::DB::Employee;
use SL::Locale::String qw(t8);
use SL::User;
return if $self->_redirect_to_main_script_if_already_logged_in;
# Otherwise show the login form.
- $self->show_login_form(error => error_state($::form->{error}));
+ $self->show_login_form(error_state($::form->{error}));
}
sub action_logout {
}
%::myconfig = $login ? $::auth->read_user(login => $login) : ();
- $::form->{login} = $login;
$::locale = Locale->new($::myconfig{countrycode}) if $::myconfig{countrycode};
SL::Dispatcher::AuthHandler::User->new->handle(countrycode => $::myconfig{countrycode});
# if we get an error back, bale out
my $result = User->new(login => $::myconfig{login})->login($::form);
- # Database update available?
- ::end_of_request() if -2 == $result;
-
# Auth DB needs update? If so log the user out forcefully.
- if (-3 == $result) {
+ if (User::LOGIN_AUTH_DBUPDATE_AVAILABLE() == $result) {
$::auth->destroy_session;
return $self->render('login_screen/auth_db_needs_update');
}
+ # Basic client tables available? If not tell the user to create them
+ # and log the user out forcefully.
+ if (User::LOGIN_BASIC_TABLES_MISSING() == $result) {
+ $::auth->destroy_session;
+ return $self->render('login_screen/basic_tables_missing');
+ }
+
+ # Database update available?
+ ::end_of_request() if User::LOGIN_DBUPDATE_AVAILABLE() == $result;
+
# Other login errors.
- if (0 > $result) {
+ if (User::LOGIN_OK() != $result) {
$::auth->punish_wrong_login;
return $self->show_login_form(error => $error);
}
# Everything is fine.
$::auth->set_cookie_environment_variable();
- # TODO: Employees anlegen/checken
- # $self->_ensure_employees_for_authorized_users_exist;
-
$self->_redirect_to_main_script;
}
my %user = $::auth->read_user(login => $login);
return if ($user{login} || '') ne $login;
+ # Check if there's a client set in the session -- and whether or not
+ # the user still has access to the client.
+ my $client_id = $::auth->get_session_value('client_id');
+ return if !$client_id;
+
+ if (!$::auth->set_client($client_id)) {
+ $::auth->punish_wrong_login;
+ $::auth->destroy_session;
+ $::auth->create_or_refresh_session;
+ $self->show_login_form(error => t8('Incorrect username or password or no access to selected client!'));
+ return 1;
+ }
+
# Check if the session is logged in correctly.
return if SL::Auth::OK() != $::auth->authenticate($login, undef);
}
sub error_state {
- return {
- session => $::locale->text('The session is invalid or has expired.'),
- password => $::locale->text('Incorrect username or password or no access to selected client!'),
- }->{$_[0]};
+ my %states = (
+ session => { warning => t8('The session has expired. Please log in again.') },
+ password => { error => t8('Incorrect username or password or no access to selected client!') },
+ action => { warning => t8('The action is missing or invalid.') },
+ );
+
+ return %{ $states{$_[0]} || {} };
}
sub set_layout {
sub show_login_form {
my ($self, %params) = @_;
- $::request->layout->focus('#auth_login');
- $self->render('login_screen/user_login', %params);
+ $self->render('login_screen/user_login', %params, version => $::form->read_version);
}
1;