
Revision 0e451e1b

Von Moritz Bunkus vor fast 12 Jahren hinzugefügt

  • ID 0e451e1bd489910141207434861a848ddf4da2ce
  • Vorgänger c3bbf6d3
  • Nachfolger 6c21fd13

Nach fehlgeschlagenem AuthHandler Request nicht fortsetzen

Ansonsten wird zwar der '302'-Redirect ausgegeben, der Controller aber
trotzdem ausgeführt.


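--- a/SL/Dispatcher.pm
+++ b/SL/Dispatcher.pm
@@ -241,6 +241,8 @@
         action       => $action,
       );
 
+      ::end_of_request() unless $auth_result{auth_ok};
+
       delete @{ $::form }{ grep { m/^\{AUTH\}/ } keys %{ $::form } } unless $auth_result{keep_auth_vars};
 
       if ($action) {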
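Review bot: The added `::end_of_request() unless $auth_result{auth_ok};` is now the only gate between a failed login and the controller dispatch below it, and nothing in the code says so. I would put `# Auth failed: the handler has already sent its redirect or error page, so stop before any controller code runs.` directly above it. The check also sits before the `delete ... {AUTH}` line, so on a refused request the `{AUTH}` fields stay in `$::form`; that is harmless only if `end_of_request` discards the request state, which is not visible on this page. The enclosing sub starts and ends outside this section.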
SL/Dispatcher/AuthHandler.pm
18 18
  my $handler_name                     = "SL::Dispatcher::AuthHandler::" . ucfirst($auth_level);
19 19
  $self->{handlers}                  ||= {};
20 20
  $self->{handlers}->{$handler_name} ||= $handler_name->new;
21
  $self->{handlers}->{$handler_name}->handle;
21
  my $ok = $self->{handlers}->{$handler_name}->handle;
22 22

  
23 23
  return (
24 24
    auth_level     => $auth_level,
25 25
    keep_auth_vars => $self->get_keep_auth_vars(%param),
26
    auth_ok        => $ok,
26 27
  );
27 28
}
28 29

  
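Review bot: `auth_ok => $ok` passes on whatever `handle` happens to return, so a handler class not touched by this commit that ends without an explicit `return` would report the value of its last statement as the authentication result. The return contract is now security-relevant and should be written down above the `handle` call, for example `# handle() must return 1 on success and a false value after it has emitted its own error response.` Writing `auth_ok => $ok ? 1 : 0,` would additionally keep the hash value a plain boolean. Calling `handle` in scalar context is the right choice here, since a bare `return;` then yields undef and the request is refused. The sub begins above this section.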
SL/Dispatcher/AuthHandler/Admin.pm
8 8
sub handle {
9 9
  %::myconfig = ();
10 10

  
11
  return if  $::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::form->{'{AUTH}admin_password'})            == $::auth->OK());
12
  return if !$::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK());
11
  return 1 if  $::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::form->{'{AUTH}admin_password'})            == $::auth->OK());
12
  return 1 if !$::form->{'{AUTH}admin_password'} && ($::auth->authenticate_root($::auth->get_session_value('admin_password')) == $::auth->OK());
13 13

  
14 14
  $::request->{layout} = SL::Layout::Dispatcher->new(style => 'admin');
15 15

  
16 16
  $::auth->punish_wrong_login;
17 17
  $::auth->delete_session_value('admin_password');
18 18
  SL::Dispatcher::show_error('admin/adminlogin', 'password');
19

  
20
  return 0;
19 21
}
20 22

  
21 23
1;
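Review bot: Both `return 1 if ...` lines decide success with `authenticate_root(...) == $::auth->OK()`, a numeric comparison that treats an undef result as 0. If `OK()` is numerically 0 (its value is not shown on this page), a backend path that returns undef would count as a successful admin login, and that matters more now that this return value gates the request. Capturing the result and testing `defined $rc && $rc == $::auth->OK()` closes the gap. The two lines could then share one lookup, `my $pw = $::form->{'{AUTH}admin_password'} || $::auth->get_session_value('admin_password');`.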
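--- a/SL/Dispatcher/AuthHandler/None.pm
+++ b/SL/Dispatcher/AuthHandler/None.pm
@@ -6,6 +6,7 @@
 
 sub handle {
   %::myconfig = ();
+  return 1;
 }
 
 1;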
SL/Dispatcher/AuthHandler/User.pm
9 9
  my ($self, %param) = @_;
10 10

  
11 11
  my $login = $::form->{'{AUTH}login'} || $::auth->get_session_value('login');
12
  $self->_error(%param) if !defined $login;
12
  return $self->_error(%param) if !defined $login;
13 13

  
14 14
  %::myconfig = $::auth->read_user(login => $login);
15 15

  
16
  $self->_error(%param) unless $::myconfig{login};
16
  return $self->_error(%param) unless $::myconfig{login};
17 17

  
18 18
  $::locale = Locale->new($::myconfig{countrycode});
19 19
  $::request->{layout} = SL::Layout::Dispatcher->new(style => $::myconfig{menustyle});
......
21 21
  my $ok   =  $::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, $::form->{'{AUTH}password'}));
22 22
  $ok    ||= !$::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, undef));
23 23

  
24
  $self->_error(%param) if !$ok;
24
  return $self->_error(%param) if !$ok;
25 25

  
26 26
  $::auth->create_or_refresh_session;
27 27
  $::auth->delete_session_value('FLASH');
28 28

  
29
  return %::myconfig;
29
  return 1;
30 30
}
31 31

  
32 32
sub _error {
......
34 34

  
35 35
  $::auth->punish_wrong_login;
36 36
  print $::request->{cgi}->redirect('controller.pl?action=LoginScreen/user_login&error=password');
37
  return 0;
37 38
}
38 39

  
39 40
1;
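Review bot: The failure returns that follow `%::myconfig = $::auth->read_user(...)` leave the looked-up user's configuration in `%::myconfig` even though authentication failed, and in the `!$ok` case `$::locale` and the layout are already set for that user as well. The Admin and None handlers start by clearing `%::myconfig`. With the dispatcher now ending the request this may be harmless, but if globals survive between requests in a persistent interpreter it is safer for `_error` to reset them, e.g. `%::myconfig = ();` before its `return 0;`. Part of `_error` is elided on this page, so it may already do this. Separately, `return 1;` replaces `return %::myconfig;`, so any caller that used the old return value needs checking, and a comment on that line would record the new contract.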
