Revision 0e451e1b
Von Moritz Bunkus vor fast 12 Jahren hinzugefügt
| SL/Dispatcher.pm | ||
|---|---|---|
| 241 | 241 |
action => $action, |
| 242 | 242 |
); |
| 243 | 243 |
|
| 244 |
::end_of_request() unless $auth_result{auth_ok};
|
|
| 245 |
|
|
| 244 | 246 |
delete @{ $::form }{ grep { m/^\{AUTH\}/ } keys %{ $::form } } unless $auth_result{keep_auth_vars};
|
| 245 | 247 |
|
| 246 | 248 |
if ($action) {
|
| SL/Dispatcher/AuthHandler.pm | ||
|---|---|---|
| 18 | 18 |
my $handler_name = "SL::Dispatcher::AuthHandler::" . ucfirst($auth_level); |
| 19 | 19 |
$self->{handlers} ||= {};
|
| 20 | 20 |
$self->{handlers}->{$handler_name} ||= $handler_name->new;
|
| 21 |
$self->{handlers}->{$handler_name}->handle;
|
|
| 21 |
my $ok = $self->{handlers}->{$handler_name}->handle;
|
|
| 22 | 22 |
|
| 23 | 23 |
return ( |
| 24 | 24 |
auth_level => $auth_level, |
| 25 | 25 |
keep_auth_vars => $self->get_keep_auth_vars(%param), |
| 26 |
auth_ok => $ok, |
|
| 26 | 27 |
); |
| 27 | 28 |
} |
| 28 | 29 |
|
| SL/Dispatcher/AuthHandler/Admin.pm | ||
|---|---|---|
| 8 | 8 |
sub handle {
|
| 9 | 9 |
%::myconfig = (); |
| 10 | 10 |
|
| 11 |
return if $::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::form->{'{AUTH}admin_password'}) == $::auth->OK());
|
|
| 12 |
return if !$::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK());
|
|
| 11 |
return 1 if $::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::form->{'{AUTH}admin_password'}) == $::auth->OK());
|
|
| 12 |
return 1 if !$::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK());
|
|
| 13 | 13 |
|
| 14 | 14 |
$::request->{layout} = SL::Layout::Dispatcher->new(style => 'admin');
|
| 15 | 15 |
|
| 16 | 16 |
$::auth->punish_wrong_login; |
| 17 | 17 |
$::auth->delete_session_value('admin_password');
|
| 18 | 18 |
SL::Dispatcher::show_error('admin/adminlogin', 'password');
|
| 19 |
|
|
| 20 |
return 0; |
|
| 19 | 21 |
} |
| 20 | 22 |
|
| 21 | 23 |
1; |
| SL/Dispatcher/AuthHandler/None.pm | ||
|---|---|---|
| 6 | 6 |
|
| 7 | 7 |
sub handle {
|
| 8 | 8 |
%::myconfig = (); |
| 9 |
return 1; |
|
| 9 | 10 |
} |
| 10 | 11 |
|
| 11 | 12 |
1; |
| SL/Dispatcher/AuthHandler/User.pm | ||
|---|---|---|
| 9 | 9 |
my ($self, %param) = @_; |
| 10 | 10 |
|
| 11 | 11 |
my $login = $::form->{'{AUTH}login'} || $::auth->get_session_value('login');
|
| 12 |
$self->_error(%param) if !defined $login; |
|
| 12 |
return $self->_error(%param) if !defined $login;
|
|
| 13 | 13 |
|
| 14 | 14 |
%::myconfig = $::auth->read_user(login => $login); |
| 15 | 15 |
|
| 16 |
$self->_error(%param) unless $::myconfig{login};
|
|
| 16 |
return $self->_error(%param) unless $::myconfig{login};
|
|
| 17 | 17 |
|
| 18 | 18 |
$::locale = Locale->new($::myconfig{countrycode});
|
| 19 | 19 |
$::request->{layout} = SL::Layout::Dispatcher->new(style => $::myconfig{menustyle});
|
| ... | ... | |
| 21 | 21 |
my $ok = $::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, $::form->{'{AUTH}password'}));
|
| 22 | 22 |
$ok ||= !$::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, undef));
|
| 23 | 23 |
|
| 24 |
$self->_error(%param) if !$ok; |
|
| 24 |
return $self->_error(%param) if !$ok;
|
|
| 25 | 25 |
|
| 26 | 26 |
$::auth->create_or_refresh_session; |
| 27 | 27 |
$::auth->delete_session_value('FLASH');
|
| 28 | 28 |
|
| 29 |
return %::myconfig;
|
|
| 29 |
return 1;
|
|
| 30 | 30 |
} |
| 31 | 31 |
|
| 32 | 32 |
sub _error {
|
| ... | ... | |
| 34 | 34 |
|
| 35 | 35 |
$::auth->punish_wrong_login; |
| 36 | 36 |
print $::request->{cgi}->redirect('controller.pl?action=LoginScreen/user_login&error=password');
|
| 37 |
return 0; |
|
| 37 | 38 |
} |
| 38 | 39 |
|
| 39 | 40 |
1; |
Auch abrufbar als: Unified diff
Nach fehlgeschlagenem AuthHandler Request nicht fortsetzen
Ansonsten wird zwar der '302'-Redirect ausgegeben, der Controller aber
trotzdem ausgeführt.