From 32b79fa8495846e993a7130fc9271ca39e2e6c44 Mon Sep 17 00:00:00 2001
From: Moritz Bunkus
Date: Thu, 6 Jun 2013 16:44:38 +0200
Subject: [PATCH] =?utf8?q?Admin-Auth-Handler:=20FLASH=20l=C3=B6schen=20(wi?= =?utf8?q?e=20auch=20beim=20User)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
---
 SL/Dispatcher/AuthHandler/Admin.pm | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/SL/Dispatcher/AuthHandler/Admin.pm b/SL/Dispatcher/AuthHandler/Admin.pm
index baacc67e3..babdc223a 100644
--- a/SL/Dispatcher/AuthHandler/Admin.pm
+++ b/SL/Dispatcher/AuthHandler/Admin.pm
@@ -10,15 +10,21 @@ sub handle {
 %::myconfig = ();
- return 1 if $::auth->get_api_token_cookie;
- return 1 if $::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::form->{'{AUTH}admin_password'}) == $::auth->OK());
- return 1 if !$::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK());
- return 1 if $params{action} eq 'login';
+ my $ok = $::auth->get_api_token_cookie ? 1 : 0;
+ $ok ||= $::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::form->{'{AUTH}admin_password'}) == $::auth->OK());
+ $ok ||= !$::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK());
+ $ok ||= $params{action} eq 'login';
- $::request->{layout} = SL::Layout::Dispatcher->new(style => 'admin');
+ $::auth->create_or_refresh_session;
- $::auth->punish_wrong_login;
+ if ($ok) {
+ $::auth->delete_session_value('FLASH');
+ return 1;
+ }
+
+ $::request->{layout} = SL::Layout::Dispatcher->new(style => 'admin');
 $::auth->delete_session_value('admin_password');
+ $::auth->punish_wrong_login;
 SL::Dispatcher::show_error('admin/adminlogin', 'password');
 return 0;
-- 
2.20.1
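Review bot: The first term of the new `$ok` chain, `$::auth->get_api_token_cookie ? 1 : 0`, accepts the request on the truthiness of the cookie accessor alone, with no `authenticate_root` call on that path. The accessor's body is not in this hunk; if it only returns the cookie's value rather than checking it against the session, any request carrying such a cookie passes the admin handler, and the same applies to `$params{action} eq 'login'` unless the login action authenticates by itself. I would compare the token with the value stored for the session before setting `$ok`, or at least record the assumption at that line, e.g. `# token is validated in <validator>; cookie presence alone must not grant admin access`. `handle` begins above the hunk and its closing brace is below it, so how `%params` is unpacked is not visible here.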