Admin-Auth-Handler: FLASH löschen (wie auch beim User)
authorMoritz Bunkus <m.bunkus@linet-services.de>
Thu, 6 Jun 2013 14:44:38 +0000 (16:44 +0200)
committerMoritz Bunkus <m.bunkus@linet-services.de>
Thu, 13 Jun 2013 14:31:35 +0000 (16:31 +0200)
SL/Dispatcher/AuthHandler/Admin.pm

index baacc67..babdc22 100644 (file)
@@ -10,15 +10,21 @@ sub handle {
 
   %::myconfig = ();
 
-  return 1 if  $::auth->get_api_token_cookie;
-  return 1 if  $::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::form->{'{AUTH}admin_password'})            == $::auth->OK());
-  return 1 if !$::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK());
-  return 1 if $params{action} eq 'login';
+  my $ok =  $::auth->get_api_token_cookie ? 1 : 0;
+  $ok  ||=  $::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::form->{'{AUTH}admin_password'})            == $::auth->OK());
+  $ok  ||= !$::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK());
+  $ok  ||=  $params{action} eq 'login';
 
-  $::request->{layout} = SL::Layout::Dispatcher->new(style => 'admin');
+  $::auth->create_or_refresh_session;
 
-  $::auth->punish_wrong_login;
+  if ($ok) {
+    $::auth->delete_session_value('FLASH');
+    return 1;
+  }
+
+  $::request->{layout} = SL::Layout::Dispatcher->new(style => 'admin');
   $::auth->delete_session_value('admin_password');
+  $::auth->punish_wrong_login;
   SL::Dispatcher::show_error('admin/adminlogin', 'password');
 
   return 0;
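Review bot: In `my $ok = $::auth->get_api_token_cookie ? 1 : 0;` the mere truthiness of the API-token cookie lookup sets `$ok`, so both `authenticate_root` checks below it are short-circuited and the handler returns 1 without an admin password. Nothing in the hunk shows the token being validated; if `get_api_token_cookie` only returns the cookie value, any request carrying such a cookie would pass the admin handler, so confirm where validation happens and record it on that line, e.g. `# token validity is enforced in <PLACEHOLDER: validating method>; presence alone must not grant admin access`. Separately, `$::auth->create_or_refresh_session;` now runs before the `if ($ok)` test for every request, including failed logins; unless it rotates the session id once `authenticate_root` succeeds, a session id issued before login stays valid as an admin session, which is worth verifying. `handle` begins before the hunk, and its end is not visible here.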