X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FDispatcher%2FAuthHandler%2FAdmin.pm;h=06fd3cfe3c2991b42f831ddadf2788aef57ec1c6;hb=cce0311c1dfbe57e0fbd6082284d8360a9c54239;hp=a7b649cf2bc6d77755063bc792cfa1f1523933d6;hpb=6c21fd13caa00ecee7acac38ac6395948dad20a7;p=kivitendo-erp.git
diff --git a/SL/Dispatcher/AuthHandler/Admin.pm b/SL/Dispatcher/AuthHandler/Admin.pm
index a7b649cf2..06fd3cfe3 100644
--- a/SL/Dispatcher/AuthHandler/Admin.pm
+++ b/SL/Dispatcher/AuthHandler/Admin.pm
@@ -6,16 +6,25 @@ use parent qw(Rose::Object);
 use SL::Layout::Dispatcher;
 sub handle {
- %::myconfig = ();
+ my ($self, %params) = @_;
- return 1 if $::auth->get_api_token_cookie;
- return 1 if $::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::form->{'{AUTH}admin_password'}) == $::auth->OK());
- return 1 if !$::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK());
+ %::myconfig = User->get_default_myconfig;
- $::request->{layout} = SL::Layout::Dispatcher->new(style => 'admin');
+ my $ok = $::auth->is_api_token_cookie_valid;
+ $ok ||= $::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::form->{'{AUTH}admin_password'}) == $::auth->OK());
+ $ok ||= !$::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK());
+ $ok ||= $params{action} eq 'login';
- $::auth->punish_wrong_login;
+ $::auth->create_or_refresh_session;
+
+ if ($ok) {
+ $::auth->delete_session_value('FLASH');
+ return 1;
+ }
+
+ $::request->{layout} = SL::Layout::Dispatcher->new(style => 'admin');
 $::auth->delete_session_value('admin_password');
+ $::auth->punish_wrong_login;
 SL::Dispatcher::show_error('admin/adminlogin', 'password');
 return 0;
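Review bot: The last `$ok ||=` line makes `handle` return 1 for any call with `action => 'login'`, without a token or root-password check having succeeded, and nothing in the hunk documents why that is safe. Presumably this lets the admin login form render, but where `%params` is filled is not visible here, so the check is only as strong as the guarantee that the `login` action does nothing privileged; I would state that in a comment above the line, e.g. `# 'login' only renders the form and must stay free of privileged work`. `$params{action}` can also be undef when the caller passes no action, which makes `eq` warn if warnings are enabled; `$ok ||= defined $params{action} && $params{action} eq 'login';` avoids that. The body of `handle` continues past the end of the hunk.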