X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;ds=sidebyside;f=SL%2FDispatcher%2FAuthHandler%2FUser.pm;h=7a8fd1d75efbfdc309b328740e7edb530512d962;hb=a2b2aea891ee04f41301ffbaabab534b741ec6d4;hp=56dbf9a34d41bb8593eb5dbe1b3b2451122dd42c;hpb=a3339fc75fd7c2fd1328e5444dcde255e4034f95;p=kivitendo-erp.git

diff --git a/SL/Dispatcher/AuthHandler/User.pm b/SL/Dispatcher/AuthHandler/User.pm
index 56dbf9a34..7a8fd1d75 100644
--- a/SL/Dispatcher/AuthHandler/User.pm
+++ b/SL/Dispatcher/AuthHandler/User.pm
@@ -1,26 +1,45 @@
 package SL::Dispatcher::AuthHandler::User;
 
 use strict;
-
 use parent qw(Rose::Object);
 
+use SL::Layout::Dispatcher;
+
 sub handle {
+  my ($self, %param) = @_;
+
   my $login = $::form->{'{AUTH}login'} || $::auth->get_session_value('login');
-  SL::Dispatcher::show_error('login/password_error', 'password') if not defined $login;
+  return $self->_error(%param) if !defined $login;
+
+  my $client_id = $::form->{'{AUTH}client_id'} || $::auth->get_session_value('client_id');
+  return $self->_error(%param) if !$client_id || !$::auth->set_client($client_id);
 
   %::myconfig = $::auth->read_user(login => $login);
 
-  SL::Dispatcher::show_error('login/password_error', 'password') unless $::myconfig{login};
+  return $self->_error(%param) unless $::myconfig{login};
 
   $::locale = Locale->new($::myconfig{countrycode});
+  $::request->{layout} = SL::Layout::Dispatcher->new(style => $::myconfig{menustyle});
 
-  my $ok   =  $::form->{'{AUTH}login'} && (SL::Auth::OK == $::auth->authenticate($login, $::form->{'{AUTH}password'}));
-  $ok    ||= !$::form->{'{AUTH}login'} && (SL::Auth::OK == $::auth->authenticate($login, undef));
+  my $ok   =  $::auth->is_api_token_cookie_valid;
+  $ok    ||=  $::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, $::form->{'{AUTH}password'}));
+  $ok    ||= !$::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, undef));
 
-  SL::Dispatcher::show_error('login/password_error', 'password') if !$ok;
+  return $self->_error(%param) if !$ok;
 
   $::auth->create_or_refresh_session;
   $::auth->delete_session_value('FLASH');
+  $::instance_conf->reload->data;
+
+  return 1;
+}
+
+sub _error {
+  my $self = shift;
+
+  $::auth->punish_wrong_login;
+  print $::request->{cgi}->redirect('controller.pl?action=LoginScreen/user_login&error=password');
+  return 0;
 }
 
 1;