X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FDispatcher%2FAuthHandler%2FUser.pm;h=150245c587898fd742166dfd39ecc61552f891d5;hb=1e1a8a24199f65940bd3870c369459f7b6a002c5;hp=13d64486379f462b0aeb46c6f6ecc22d17cea9e9;hpb=6afd06adfeb66b481b7240637351a34a41e702d1;p=kivitendo-erp.git

diff --git a/SL/Dispatcher/AuthHandler/User.pm b/SL/Dispatcher/AuthHandler/User.pm
index 13d644863..150245c58 100644
--- a/SL/Dispatcher/AuthHandler/User.pm
+++ b/SL/Dispatcher/AuthHandler/User.pm
@@ -5,20 +5,33 @@ use strict;
 use parent qw(Rose::Object);
 
 sub handle {
-  my $login = $::auth->get_session_value('login');
-  SL::Dispatcher::show_error('login/password_error', 'password') if not defined $login;
+  my ($self, %param) = @_;
+
+  my $login = $::form->{'{AUTH}login'} || $::auth->get_session_value('login');
+  $self->_error(%param) if !defined $login;
 
   %::myconfig = $::auth->read_user(login => $login);
 
-  SL::Dispatcher::show_error('login/password_error', 'password') unless $::myconfig{login};
+  $self->_error(%param) unless $::myconfig{login};
 
   $::locale = Locale->new($::myconfig{countrycode});
 
-  SL::Dispatcher::show_error('login/password_error', 'password') if SL::Auth::OK != $::auth->authenticate($login, undef);
+  my $ok   =  $::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, $::form->{'{AUTH}password'}));
+  $ok    ||= !$::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, undef));
+
+  $self->_error(%param) if !$ok;
 
   $::auth->create_or_refresh_session;
   $::auth->delete_session_value('FLASH');
-  delete $::form->{password};
+
+  return %::myconfig;
+}
+
+sub _error {
+  my $self = shift;
+
+  $::auth->punish_wrong_login;
+  SL::Dispatcher::show_error('login_screen/user_login', 'password', @_);
 }
 
 1;