X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FDispatcher%2FAuthHandler%2FUser.pm;h=5ee543beb921752805d59d0afc5ccb490ccad6a0;hb=a4c3e9de7b3169ac6a0ad270022da9aeed91f9ff;hp=1273d679fa2aee8ebb34e7310715565a2cf45d71;hpb=fc41222c61dbee590005f04c50e8603581462543;p=kivitendo-erp.git diff --git a/SL/Dispatcher/AuthHandler/User.pm b/SL/Dispatcher/AuthHandler/User.pm index 1273d679f..5ee543beb 100644 --- a/SL/Dispatcher/AuthHandler/User.pm +++ b/SL/Dispatcher/AuthHandler/User.pm @@ -9,24 +9,28 @@ sub handle { my ($self, %param) = @_; my $login = $::form->{'{AUTH}login'} || $::auth->get_session_value('login'); - $self->_error(%param) if !defined $login; + return $self->_error(%param) if !defined $login; + + my $client_id = $::form->{'{AUTH}client_id'} || $::auth->get_session_value('client_id'); + return $self->_error(%param) if !$client_id || !$::auth->set_client($client_id); %::myconfig = $::auth->read_user(login => $login); - $self->_error(%param) unless $::myconfig{login}; + return $self->_error(%param) unless $::myconfig{login}; $::locale = Locale->new($::myconfig{countrycode}); $::request->{layout} = SL::Layout::Dispatcher->new(style => $::myconfig{menustyle}); - my $ok = $::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, $::form->{'{AUTH}password'})); + my $ok = $::auth->get_api_token_cookie ? 1 : 0; + $ok ||= $::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, $::form->{'{AUTH}password'})); $ok ||= !$::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, undef)); - $self->_error(%param) if !$ok; + return $self->_error(%param) if !$ok; $::auth->create_or_refresh_session; $::auth->delete_session_value('FLASH'); - return %::myconfig; + return 1; } sub _error { @@ -34,6 +38,7 @@ sub _error { $::auth->punish_wrong_login; print $::request->{cgi}->redirect('controller.pl?action=LoginScreen/user_login&error=password'); + return 0; } 1;