From 22efd8a7bcfbeaca36f0f703b3f6bbbe90ff08dc Mon Sep 17 00:00:00 2001
From: Moritz Bunkus <m.bunkus@linet-services.de>
Date: Mon, 27 Aug 2012 15:00:48 +0200
Subject: [PATCH] Login-Maske: Zu Menu redirecten falls bereits eingeloggt
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

Wenn man bereits eingeloggt ist und irgendwo im Programm zu login.pl
redirectet wird (z.B. beim Speichern der Benutzereinstellungen), so
wurde durch die Umstellung des Loginmechanismusses neulich leider die
Loginmaske erneut angezeigt, obwohl eine anständig authentifizierte
Session vorliegt.
---
 SL/Controller/LoginScreen.pm | 51 +++++++++++++++++++++++++++++++-----
 1 file changed, 44 insertions(+), 7 deletions(-)

diff --git a/SL/Controller/LoginScreen.pm b/SL/Controller/LoginScreen.pm
index f561a394b..47dfa90c9 100644
--- a/SL/Controller/LoginScreen.pm
+++ b/SL/Controller/LoginScreen.pm
@@ -14,6 +14,11 @@ use SL::User;
 sub action_user_login {
   my ($self) = @_;
 
+  # If the user is already logged in then redirect to the proper menu
+  # script.
+  return if $self->_redirect_to_main_script_if_already_logged_in;
+
+  # Otherwise show the login form.
   $self->render('login_screen/user_login');
 }
 
@@ -55,6 +60,27 @@ sub action_login {
   # Everything is fine.
   $::auth->set_cookie_environment_variable();
 
+  $self->_redirect_to_main_script($user);
+}
+
+#
+# settings
+#
+sub get_auth_level {
+  return 'none';
+}
+
+sub keep_auth_vars_in_form {
+  return 1;
+}
+
+#
+# private methods
+#
+
+sub _redirect_to_main_script {
+  my ($self, $user) = @_;
+
   return $self->redirect_to($::form->{callback}) if $::form->{callback};
 
   my %style_to_script_map = (
@@ -68,14 +94,25 @@ sub action_login {
   $self->redirect_to(controller => "menu${menu_script}.pl", action => 'display');
 }
 
-#
-# settings
-#
-sub get_auth_level {
-  return 'none';
-}
+sub _redirect_to_main_script_if_already_logged_in {
+  my ($self) = @_;
+
+  # Get 'login' from valid session.
+  my $login = $::auth->get_session_value('login');
+  return unless $login;
+
+  # See whether or not the user exists in the database.
+  my %user = $::auth->read_user(login => $login);
+  return if ($user{login} || '') ne $login;
+
+  # Check if the session is logged in correctly.
+  return if SL::Auth::OK() != $::auth->authenticate($login, undef);
+
+  $::auth->create_or_refresh_session;
+  $::auth->delete_session_value('FLASH');
+
+  $self->_redirect_to_main_script(\%user);
 
-sub keep_auth_vars_in_form {
   return 1;
 }
 
-- 
2.20.1