Revision 0e451e1b
Von Moritz Bunkus vor fast 12 Jahren hinzugefügt
SL/Dispatcher.pm | ||
---|---|---|
241 | 241 |
action => $action, |
242 | 242 |
); |
243 | 243 |
|
244 |
::end_of_request() unless $auth_result{auth_ok}; |
|
245 |
|
|
244 | 246 |
delete @{ $::form }{ grep { m/^\{AUTH\}/ } keys %{ $::form } } unless $auth_result{keep_auth_vars}; |
245 | 247 |
|
246 | 248 |
if ($action) { |
SL/Dispatcher/AuthHandler.pm | ||
---|---|---|
18 | 18 |
my $handler_name = "SL::Dispatcher::AuthHandler::" . ucfirst($auth_level); |
19 | 19 |
$self->{handlers} ||= {}; |
20 | 20 |
$self->{handlers}->{$handler_name} ||= $handler_name->new; |
21 |
$self->{handlers}->{$handler_name}->handle; |
|
21 |
my $ok = $self->{handlers}->{$handler_name}->handle;
|
|
22 | 22 |
|
23 | 23 |
return ( |
24 | 24 |
auth_level => $auth_level, |
25 | 25 |
keep_auth_vars => $self->get_keep_auth_vars(%param), |
26 |
auth_ok => $ok, |
|
26 | 27 |
); |
27 | 28 |
} |
28 | 29 |
|
SL/Dispatcher/AuthHandler/Admin.pm | ||
---|---|---|
8 | 8 |
sub handle { |
9 | 9 |
%::myconfig = (); |
10 | 10 |
|
11 |
return if $::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::form->{'{AUTH}admin_password'}) == $::auth->OK()); |
|
12 |
return if !$::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK()); |
|
11 |
return 1 if $::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::form->{'{AUTH}admin_password'}) == $::auth->OK());
|
|
12 |
return 1 if !$::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK());
|
|
13 | 13 |
|
14 | 14 |
$::request->{layout} = SL::Layout::Dispatcher->new(style => 'admin'); |
15 | 15 |
|
16 | 16 |
$::auth->punish_wrong_login; |
17 | 17 |
$::auth->delete_session_value('admin_password'); |
18 | 18 |
SL::Dispatcher::show_error('admin/adminlogin', 'password'); |
19 |
|
|
20 |
return 0; |
|
19 | 21 |
} |
20 | 22 |
|
21 | 23 |
1; |
SL/Dispatcher/AuthHandler/None.pm | ||
---|---|---|
6 | 6 |
|
7 | 7 |
sub handle { |
8 | 8 |
%::myconfig = (); |
9 |
return 1; |
|
9 | 10 |
} |
10 | 11 |
|
11 | 12 |
1; |
SL/Dispatcher/AuthHandler/User.pm | ||
---|---|---|
9 | 9 |
my ($self, %param) = @_; |
10 | 10 |
|
11 | 11 |
my $login = $::form->{'{AUTH}login'} || $::auth->get_session_value('login'); |
12 |
$self->_error(%param) if !defined $login; |
|
12 |
return $self->_error(%param) if !defined $login;
|
|
13 | 13 |
|
14 | 14 |
%::myconfig = $::auth->read_user(login => $login); |
15 | 15 |
|
16 |
$self->_error(%param) unless $::myconfig{login}; |
|
16 |
return $self->_error(%param) unless $::myconfig{login};
|
|
17 | 17 |
|
18 | 18 |
$::locale = Locale->new($::myconfig{countrycode}); |
19 | 19 |
$::request->{layout} = SL::Layout::Dispatcher->new(style => $::myconfig{menustyle}); |
... | ... | |
21 | 21 |
my $ok = $::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, $::form->{'{AUTH}password'})); |
22 | 22 |
$ok ||= !$::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, undef)); |
23 | 23 |
|
24 |
$self->_error(%param) if !$ok; |
|
24 |
return $self->_error(%param) if !$ok;
|
|
25 | 25 |
|
26 | 26 |
$::auth->create_or_refresh_session; |
27 | 27 |
$::auth->delete_session_value('FLASH'); |
28 | 28 |
|
29 |
return %::myconfig;
|
|
29 |
return 1;
|
|
30 | 30 |
} |
31 | 31 |
|
32 | 32 |
sub _error { |
... | ... | |
34 | 34 |
|
35 | 35 |
$::auth->punish_wrong_login; |
36 | 36 |
print $::request->{cgi}->redirect('controller.pl?action=LoginScreen/user_login&error=password'); |
37 |
return 0; |
|
37 | 38 |
} |
38 | 39 |
|
39 | 40 |
1; |
Auch abrufbar als: Unified diff
Nach fehlgeschlagenem AuthHandler Request nicht fortsetzen
Ansonsten wird zwar der '302'-Redirect ausgegeben, der Controller aber
trotzdem ausgeführt.