X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/kivitendo-erp.git/blobdiff_plain/a3339fc75fd7c2fd1328e5444dcde255e4034f95..7647d46:/SL/Dispatcher/AuthHandler/User.pm diff --git a/SL/Dispatcher/AuthHandler/User.pm b/SL/Dispatcher/AuthHandler/User.pm index 56dbf9a34..e126d872f 100644 --- a/SL/Dispatcher/AuthHandler/User.pm +++ b/SL/Dispatcher/AuthHandler/User.pm @@ -1,26 +1,41 @@ package SL::Dispatcher::AuthHandler::User; use strict; - use parent qw(Rose::Object); +use SL::Layout::Dispatcher; + sub handle { + my ($self, %param) = @_; + my $login = $::form->{'{AUTH}login'} || $::auth->get_session_value('login'); - SL::Dispatcher::show_error('login/password_error', 'password') if not defined $login; + return $self->_error(%param) if !defined $login; %::myconfig = $::auth->read_user(login => $login); - SL::Dispatcher::show_error('login/password_error', 'password') unless $::myconfig{login}; + return $self->_error(%param) unless $::myconfig{login}; $::locale = Locale->new($::myconfig{countrycode}); + $::request->{layout} = SL::Layout::Dispatcher->new(style => $::myconfig{menustyle}); - my $ok = $::form->{'{AUTH}login'} && (SL::Auth::OK == $::auth->authenticate($login, $::form->{'{AUTH}password'})); - $ok ||= !$::form->{'{AUTH}login'} && (SL::Auth::OK == $::auth->authenticate($login, undef)); + my $ok = $::auth->get_api_token_cookie ? 1 : 0; + $ok ||= $::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, $::form->{'{AUTH}password'})); + $ok ||= !$::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, undef)); - SL::Dispatcher::show_error('login/password_error', 'password') if !$ok; + return $self->_error(%param) if !$ok; $::auth->create_or_refresh_session; $::auth->delete_session_value('FLASH'); + + return 1; +} + +sub _error { + my $self = shift; + + $::auth->punish_wrong_login; + print $::request->{cgi}->redirect('controller.pl?action=LoginScreen/user_login&error=password'); + return 0; } 1;