sub authenticate_root {
$main::lxdebug->enter_sub();
- my $self = shift;
- my $password = shift;
- my $is_crypted = shift;
+ my ($self, $password) = @_;
- $password = crypt $password, 'ro' if (!$password || !$is_crypted);
- my $admin_password = crypt "$self->{admin_password}", 'ro';
+ $password = SL::Auth::Password->hash_if_unhashed(login => 'root', password => $password);
+ my $admin_password = SL::Auth::Password->hash_if_unhashed(login => 'root', password => $self->{admin_password});
$main::lxdebug->leave_sub();
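Review bot: Passing the caller-supplied `$password` through `hash_if_unhashed` on the first added line lets the shape of the input decide whether it counts as already hashed, where the removed code needed an explicit `$is_crypted` argument from the caller. If the helper returns hash-formatted input unchanged (its body is not shown here), a stored hash that leaks from the config or the session storage would be accepted as the root credential on its own, and `authenticate_root($form->{rpw})` in the admin script hands form input straight in. Consider hashing unconditionally when the value comes from a request and keeping the pass-through only for values read back from the session, and record the contract above the call, e.g. `# $password is cleartext from a request or an already hashed session value`. The comparison of the two values lies outside this hunk.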
$self->set_session_value(login => $params{login}, password => $params{password});
}
+sub store_root_credentials_in_session {
+ my ($self, $rpw) = @_;
+
+ $rpw = SL::Auth::Password->hash_if_unhashed(login => 'root', password => $rpw)
+ unless $self->{authenticator}->requires_cleartext_password;
+
+ $self->set_session_value(rpw => $rpw);
+}
+
sub dbconnect {
$main::lxdebug->enter_sub(2);
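Review bot: `store_root_credentials_in_session` keeps `$rpw` in cleartext in the session whenever `requires_cleartext_password` is true, yet the root check in `authenticate_root` compares against `$self->{admin_password}` and, as far as these hunks show, never hands the root password to the authenticator. If that holds, the `unless` clause can be dropped so the line reads `$rpw = SL::Auth::Password->hash_if_unhashed(login => 'root', password => $rpw);` and the administrator password is never written to session storage unhashed. If the exception is needed, state the reason in a comment above the sub, e.g. `# rpw stays cleartext because <reason>`.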
$locale = $::locale;
$auth = $::auth;
- $::auth->set_session_value('rpw', $::form->{rpw}) if $session_result == SL::Auth->SESSION_OK;
+ $::auth->store_root_credentials_in_session($form->{rpw}) if $session_result == SL::Auth->SESSION_OK;
$form->{stylesheet} = "lx-office-erp.css";
$form->{favicon} = "favicon.ico";
if ($form->{action}) {
if ($auth->authenticate_root($form->{rpw}) != $auth->OK()) {
$form->{error_message} = $locale->text('Incorrect Password!');
+ $auth->delete_session_value('rpw');
adminlogin();
} else {
if ($auth->session_tables_present()) {
- $::auth->set_session_value('rpw', $::form->{rpw});
- $::auth->create_or_refresh_session();
+ $::auth->store_root_credentials_in_session($::form->{rpw});
+ delete $::form->{rpw};
_apply_dbupgrade_scripts();
}
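Review bot: The failure branch removes `rpw` from the session but leaves the submitted value in `$form` before calling `adminlogin()`, while the success branch runs `delete $::form->{rpw};` only inside the `session_tables_present()` case. Adding `delete $form->{rpw};` next to `$auth->delete_session_value('rpw');` would keep a rejected password out of whatever `adminlogin()` renders, which is not visible here. The added lines also alternate between `$auth`/`$form` and `$::auth`/`$::form` within one block; a single spelling would make it obvious they are the same objects. The enclosing `if` continues past the end of this hunk.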