User- und Adminlogin jederzeit via Formularfelder ermöglichen
authorMoritz Bunkus <m.bunkus@linet-services.de>
Fri, 17 Aug 2012 12:23:09 +0000 (14:23 +0200)
committerMoritz Bunkus <m.bunkus@linet-services.de>
Fri, 17 Aug 2012 12:23:09 +0000 (14:23 +0200)
SL/Dispatcher/AuthHandler/Admin.pm
SL/Dispatcher/AuthHandler/User.pm

index 7b194ff..07778b6 100644 (file)
@@ -7,7 +7,8 @@ use parent qw(Rose::Object);
 sub handle {
   %::myconfig = ();
 
-  return if $::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK();
+  return if  $::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::form->{'{AUTH}admin_password'})            == $::auth->OK());
+  return if !$::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK());
 
   $::auth->delete_session_value('admin_password');
   SL::Dispatcher::show_error('login/password_error', 'password', is_admin => 1);
index 13d6448..56dbf9a 100644 (file)
@@ -5,7 +5,7 @@ use strict;
 use parent qw(Rose::Object);
 
 sub handle {
-  my $login = $::auth->get_session_value('login');
+  my $login = $::form->{'{AUTH}login'} || $::auth->get_session_value('login');
   SL::Dispatcher::show_error('login/password_error', 'password') if not defined $login;
 
   %::myconfig = $::auth->read_user(login => $login);
@@ -14,11 +14,13 @@ sub handle {
 
   $::locale = Locale->new($::myconfig{countrycode});
 
-  SL::Dispatcher::show_error('login/password_error', 'password') if SL::Auth::OK != $::auth->authenticate($login, undef);
+  my $ok   =  $::form->{'{AUTH}login'} && (SL::Auth::OK == $::auth->authenticate($login, $::form->{'{AUTH}password'}));
+  $ok    ||= !$::form->{'{AUTH}login'} && (SL::Auth::OK == $::auth->authenticate($login, undef));
+
+  SL::Dispatcher::show_error('login/password_error', 'password') if !$ok;
 
   $::auth->create_or_refresh_session;
   $::auth->delete_session_value('FLASH');
-  delete $::form->{password};
 }
 
 1;