From: Moritz Bunkus <m.bunkus@linet-services.de>
Date: Fri, 17 Aug 2012 12:23:09 +0000 (+0200)
Subject: User- und Adminlogin jederzeit via Formularfelder ermöglichen
X-Git-Tag: release-3.0.0beta1~286
X-Git-Url: http://wagnertech.de/git?a=commitdiff_plain;h=a3339fc75fd7c2fd1328e5444dcde255e4034f95;hp=670f76a86aaf642bf1a6b5b37cdc023f8fdfc79c;p=kivitendo-erp.git

User- und Adminlogin jederzeit via Formularfelder ermöglichen
---

diff --git a/SL/Dispatcher/AuthHandler/Admin.pm b/SL/Dispatcher/AuthHandler/Admin.pm
index 7b194ff04..07778b6db 100644
--- a/SL/Dispatcher/AuthHandler/Admin.pm
+++ b/SL/Dispatcher/AuthHandler/Admin.pm
@@ -7,7 +7,8 @@ use parent qw(Rose::Object);
 sub handle {
   %::myconfig = ();
 
-  return if $::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK();
+  return if  $::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::form->{'{AUTH}admin_password'})            == $::auth->OK());
+  return if !$::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK());
 
   $::auth->delete_session_value('admin_password');
   SL::Dispatcher::show_error('login/password_error', 'password', is_admin => 1);
diff --git a/SL/Dispatcher/AuthHandler/User.pm b/SL/Dispatcher/AuthHandler/User.pm
index 13d644863..56dbf9a34 100644
--- a/SL/Dispatcher/AuthHandler/User.pm
+++ b/SL/Dispatcher/AuthHandler/User.pm
@@ -5,7 +5,7 @@ use strict;
 use parent qw(Rose::Object);
 
 sub handle {
-  my $login = $::auth->get_session_value('login');
+  my $login = $::form->{'{AUTH}login'} || $::auth->get_session_value('login');
   SL::Dispatcher::show_error('login/password_error', 'password') if not defined $login;
 
   %::myconfig = $::auth->read_user(login => $login);
@@ -14,11 +14,13 @@ sub handle {
 
   $::locale = Locale->new($::myconfig{countrycode});
 
-  SL::Dispatcher::show_error('login/password_error', 'password') if SL::Auth::OK != $::auth->authenticate($login, undef);
+  my $ok   =  $::form->{'{AUTH}login'} && (SL::Auth::OK == $::auth->authenticate($login, $::form->{'{AUTH}password'}));
+  $ok    ||= !$::form->{'{AUTH}login'} && (SL::Auth::OK == $::auth->authenticate($login, undef));
+
+  SL::Dispatcher::show_error('login/password_error', 'password') if !$ok;
 
   $::auth->create_or_refresh_session;
   $::auth->delete_session_value('FLASH');
-  delete $::form->{password};
 }
 
 1;