From: Moritz Bunkus Date: Fri, 17 Aug 2012 12:23:09 +0000 (+0200) Subject: User- und Adminlogin jederzeit via Formularfelder ermöglichen X-Git-Tag: release-3.0.0beta1~286 X-Git-Url: http://wagnertech.de/git?a=commitdiff_plain;h=a3339fc75fd7c2fd1328e5444dcde255e4034f95;p=kivitendo-erp.git User- und Adminlogin jederzeit via Formularfelder ermöglichen --- diff --git a/SL/Dispatcher/AuthHandler/Admin.pm b/SL/Dispatcher/AuthHandler/Admin.pm index 7b194ff04..07778b6db 100644 --- a/SL/Dispatcher/AuthHandler/Admin.pm +++ b/SL/Dispatcher/AuthHandler/Admin.pm @@ -7,7 +7,8 @@ use parent qw(Rose::Object); sub handle { %::myconfig = (); - return if $::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK(); + return if $::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::form->{'{AUTH}admin_password'}) == $::auth->OK()); + return if !$::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK()); $::auth->delete_session_value('admin_password'); SL::Dispatcher::show_error('login/password_error', 'password', is_admin => 1); diff --git a/SL/Dispatcher/AuthHandler/User.pm b/SL/Dispatcher/AuthHandler/User.pm index 13d644863..56dbf9a34 100644 --- a/SL/Dispatcher/AuthHandler/User.pm +++ b/SL/Dispatcher/AuthHandler/User.pm @@ -5,7 +5,7 @@ use strict; use parent qw(Rose::Object); sub handle { - my $login = $::auth->get_session_value('login'); + my $login = $::form->{'{AUTH}login'} || $::auth->get_session_value('login'); SL::Dispatcher::show_error('login/password_error', 'password') if not defined $login; %::myconfig = $::auth->read_user(login => $login); @@ -14,11 +14,13 @@ sub handle { $::locale = Locale->new($::myconfig{countrycode}); - SL::Dispatcher::show_error('login/password_error', 'password') if SL::Auth::OK != $::auth->authenticate($login, undef); + my $ok = $::form->{'{AUTH}login'} && (SL::Auth::OK == $::auth->authenticate($login, $::form->{'{AUTH}password'})); + $ok ||= !$::form->{'{AUTH}login'} && (SL::Auth::OK == $::auth->authenticate($login, undef)); + + SL::Dispatcher::show_error('login/password_error', 'password') if !$ok; $::auth->create_or_refresh_session; $::auth->delete_session_value('FLASH'); - delete $::form->{password}; } 1;