X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/mfinanz.git/blobdiff_plain/b6fd15a8dc44f9b09d5a2bce766cda14b87c6e13..d8ac08282dad52789b8bea785e8cddae44085483:/SL/Dispatcher/AuthHandler/Admin.pm?ds=inline

diff --git a/SL/Dispatcher/AuthHandler/Admin.pm b/SL/Dispatcher/AuthHandler/Admin.pm
index 2e41ee90e..baacc67e3 100644
--- a/SL/Dispatcher/AuthHandler/Admin.pm
+++ b/SL/Dispatcher/AuthHandler/Admin.pm
@@ -6,16 +6,22 @@ use parent qw(Rose::Object);
 use SL::Layout::Dispatcher;
 
 sub handle {
+  my ($self, %params) = @_;
+
   %::myconfig = ();
 
-  return if  $::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::form->{'{AUTH}admin_password'})            == $::auth->OK());
-  return if !$::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK());
+  return 1 if  $::auth->get_api_token_cookie;
+  return 1 if  $::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::form->{'{AUTH}admin_password'})            == $::auth->OK());
+  return 1 if !$::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK());
+  return 1 if $params{action} eq 'login';
 
   $::request->{layout} = SL::Layout::Dispatcher->new(style => 'admin');
 
   $::auth->punish_wrong_login;
   $::auth->delete_session_value('admin_password');
   SL::Dispatcher::show_error('admin/adminlogin', 'password');
+
+  return 0;
 }
 
 1;