sub handle {
%::myconfig = ();
- return if $::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK();
+ return if $::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::form->{'{AUTH}admin_password'}) == $::auth->OK());
+ return if !$::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK());
$::auth->delete_session_value('admin_password');
SL::Dispatcher::show_error('login/password_error', 'password', is_admin => 1);
use parent qw(Rose::Object);
sub handle {
- my $login = $::auth->get_session_value('login');
+ my $login = $::form->{'{AUTH}login'} || $::auth->get_session_value('login');
SL::Dispatcher::show_error('login/password_error', 'password') if not defined $login;
%::myconfig = $::auth->read_user(login => $login);
$::locale = Locale->new($::myconfig{countrycode});
- SL::Dispatcher::show_error('login/password_error', 'password') if SL::Auth::OK != $::auth->authenticate($login, undef);
+ my $ok = $::form->{'{AUTH}login'} && (SL::Auth::OK == $::auth->authenticate($login, $::form->{'{AUTH}password'}));
+ $ok ||= !$::form->{'{AUTH}login'} && (SL::Auth::OK == $::auth->authenticate($login, undef));
+
+ SL::Dispatcher::show_error('login/password_error', 'password') if !$ok;
$::auth->create_or_refresh_session;
$::auth->delete_session_value('FLASH');
- delete $::form->{password};
}
1;
projects / kivitendo-erp.git / commitdiff