kivitendo/SL/Controller/LoginScreen.pm @ 5cada5ab
| 540c0b5e | Moritz Bunkus | package SL::Controller::LoginScreen;
|
||
use strict;
|
||||
use parent qw(SL::Controller::Base);
|
||||
| 3772d03a | Moritz Bunkus | use List::Util qw(first);
|
||
| 540c0b5e | Moritz Bunkus | use SL::Dispatcher::AuthHandler::User;
|
||
| 3772d03a | Moritz Bunkus | use SL::DB::AuthClient;
|
||
use SL::DB::AuthGroup;
|
||||
use SL::DB::AuthUser;
|
||||
| 383534cc | Moritz Bunkus | use SL::DB::Employee;
|
||
| 722fee3c | Moritz Bunkus | use SL::Locale::String qw(t8);
|
||
| 540c0b5e | Moritz Bunkus | use SL::User;
|
||
| 4a395995 | Sven Schöling | use SL::Version;
|
||
| 540c0b5e | Moritz Bunkus | |||
| 3772d03a | Moritz Bunkus | use Rose::Object::MakeMethods::Generic (
|
||
'scalar --get_set_init' => [ qw(clients default_client_id) ],
|
||||
);
|
||||
| 38902b24 | Sven Schöling | __PACKAGE__->run_before('set_layout');
|
||
| 3772d03a | Moritz Bunkus | |||
| 540c0b5e | Moritz Bunkus | #
|
||
# actions
|
||||
#
|
||||
sub action_user_login {
|
||||
my ($self) = @_;
|
||||
| 22efd8a7 | Moritz Bunkus | # If the user is already logged in then redirect to the proper menu
|
||
# script.
|
||||
return if $self->_redirect_to_main_script_if_already_logged_in;
|
||||
# Otherwise show the login form.
|
||||
| f5851080 | Moritz Bunkus | $self->show_login_form(error_state($::form->{error}));
|
||
| 540c0b5e | Moritz Bunkus | }
|
||
sub action_logout {
|
||||
my ($self) = @_;
|
||||
$::auth->destroy_session;
|
||||
$::auth->create_or_refresh_session;
|
||||
| 77505215 | Moritz Bunkus | $self->show_login_form(info => $::locale->text('You are logged out!'));
|
||
| 540c0b5e | Moritz Bunkus | }
|
||
sub action_login {
|
||||
my ($self) = @_;
|
||||
| 1c7afd9e | Moritz Bunkus | my $login = $::form->{'{AUTH}login'} || $::auth->get_session_value('login');
|
||
my $client_id = $::form->{'{AUTH}client_id'} || $::auth->get_session_value('client_id');
|
||||
my $error = t8('Incorrect username or password or no access to selected client!');
|
||||
if (!$::auth->set_client($client_id)) {
|
||||
$::auth->punish_wrong_login;
|
||||
return $self->show_login_form(error => $error);
|
||||
}
|
||||
| 6c21fd13 | Moritz Bunkus | %::myconfig = $login ? $::auth->read_user(login => $login) : ();
|
||
| 540c0b5e | Moritz Bunkus | $::locale = Locale->new($::myconfig{countrycode}) if $::myconfig{countrycode};
|
||
| a4c8924a | Bernd Bleßmann | my $auth_result = SL::Dispatcher::AuthHandler::User->new->handle(callback => $::form->{callback});
|
||
| d3cfa206 | Bernd Bleßmann | |||
$::dispatcher->end_request unless $auth_result;
|
||||
| 722fee3c | Moritz Bunkus | |||
$::request->layout(SL::Layout::Dispatcher->new(style => $::myconfig{menustyle}));
|
||||
| 540c0b5e | Moritz Bunkus | |||
# if we get an error back, bale out
|
||||
| 722fee3c | Moritz Bunkus | my $result = User->new(login => $::myconfig{login})->login($::form);
|
||
| 540c0b5e | Moritz Bunkus | |||
# Auth DB needs update? If so log the user out forcefully.
|
||||
| 6ca9244c | Moritz Bunkus | if (User::LOGIN_AUTH_DBUPDATE_AVAILABLE() == $result) {
|
||
| 540c0b5e | Moritz Bunkus | $::auth->destroy_session;
|
||
| a1ea659f | Sven Schöling | # must be without layout because menu rights might not exist yet
|
||
return $self->render('login_screen/auth_db_needs_update', { layout => 0 });
|
||||
| 540c0b5e | Moritz Bunkus | }
|
||
| 6ca9244c | Moritz Bunkus | # Basic client tables available? If not tell the user to create them
|
||
# and log the user out forcefully.
|
||||
if (User::LOGIN_BASIC_TABLES_MISSING() == $result) {
|
||||
$::auth->destroy_session;
|
||||
return $self->render('login_screen/basic_tables_missing');
|
||||
}
|
||||
# Database update available?
|
||||
| 09479f02 | Moritz Bunkus | $::dispatcher->end_request if User::LOGIN_DBUPDATE_AVAILABLE() == $result;
|
||
| 6ca9244c | Moritz Bunkus | |||
| 540c0b5e | Moritz Bunkus | # Other login errors.
|
||
| 6ca9244c | Moritz Bunkus | if (User::LOGIN_OK() != $result) {
|
||
| 540c0b5e | Moritz Bunkus | $::auth->punish_wrong_login;
|
||
| 1c7afd9e | Moritz Bunkus | return $self->show_login_form(error => $error);
|
||
| 540c0b5e | Moritz Bunkus | }
|
||
# Everything is fine.
|
||||
$::auth->set_cookie_environment_variable();
|
||||
| 722fee3c | Moritz Bunkus | $self->_redirect_to_main_script;
|
||
| 22efd8a7 | Moritz Bunkus | }
|
||
#
|
||||
# settings
|
||||
#
|
||||
sub get_auth_level {
|
||||
return 'none';
|
||||
}
|
||||
sub keep_auth_vars_in_form {
|
||||
return 1;
|
||||
}
|
||||
#
|
||||
# private methods
|
||||
#
|
||||
sub _redirect_to_main_script {
|
||||
| 722fee3c | Moritz Bunkus | my ($self) = @_;
|
||
| 22efd8a7 | Moritz Bunkus | |||
| 540c0b5e | Moritz Bunkus | return $self->redirect_to($::form->{callback}) if $::form->{callback};
|
||
| 3880d657 | Sven Schöling | $self->redirect_to(controller => "login.pl", action => 'company_logo');
|
||
| 540c0b5e | Moritz Bunkus | }
|
||
| 22efd8a7 | Moritz Bunkus | sub _redirect_to_main_script_if_already_logged_in {
|
||
my ($self) = @_;
|
||||
# Get 'login' from valid session.
|
||||
my $login = $::auth->get_session_value('login');
|
||||
return unless $login;
|
||||
# See whether or not the user exists in the database.
|
||||
my %user = $::auth->read_user(login => $login);
|
||||
return if ($user{login} || '') ne $login;
|
||||
| e06fdbe7 | Moritz Bunkus | # Check if there's a client set in the session -- and whether or not
|
||
# the user still has access to the client.
|
||||
my $client_id = $::auth->get_session_value('client_id');
|
||||
return if !$client_id;
|
||||
if (!$::auth->set_client($client_id)) {
|
||||
$::auth->punish_wrong_login;
|
||||
$::auth->destroy_session;
|
||||
$::auth->create_or_refresh_session;
|
||||
$self->show_login_form(error => t8('Incorrect username or password or no access to selected client!'));
|
||||
return 1;
|
||||
}
|
||||
| 22efd8a7 | Moritz Bunkus | # Check if the session is logged in correctly.
|
||
return if SL::Auth::OK() != $::auth->authenticate($login, undef);
|
||||
$::auth->create_or_refresh_session;
|
||||
$::auth->delete_session_value('FLASH');
|
||||
$self->_redirect_to_main_script(\%user);
|
||||
| 540c0b5e | Moritz Bunkus | |||
return 1;
|
||||
}
|
||||
| 3ab26ffc | Sven Schöling | sub error_state {
|
||
| f5851080 | Moritz Bunkus | my %states = (
|
||
session => { warning => t8('The session has expired. Please log in again.') },
|
||||
password => { error => t8('Incorrect username or password or no access to selected client!') },
|
||||
| 63b5c301 | Moritz Bunkus | action => { warning => t8('The action is missing or invalid.') },
|
||
| f5851080 | Moritz Bunkus | );
|
||
return %{ $states{$_[0]} || {} };
|
||||
| 3ab26ffc | Sven Schöling | }
|
||
| 38902b24 | Sven Schöling | sub set_layout {
|
||
| a4e85aed | Sven Schöling | $::request->{layout} = $::request->is_mobile
|
||
? SL::Layout::Dispatcher->new(style => 'mobile_login')
|
||||
: SL::Layout::Dispatcher->new(style => 'login');
|
||||
| 38902b24 | Sven Schöling | }
|
||
| 3772d03a | Moritz Bunkus | sub init_clients {
|
||
return SL::DB::Manager::AuthClient->get_all_sorted;
|
||||
}
|
||||
sub init_default_client_id {
|
||||
my ($self) = @_;
|
||||
my $default_client = first { $_->is_default } @{ $self->clients };
|
||||
return $default_client ? $default_client->id : undef;
|
||||
}
|
||||
| 1c7afd9e | Moritz Bunkus | sub show_login_form {
|
||
my ($self, %params) = @_;
|
||||
| a4c8924a | Bernd Bleßmann | $self->render('login_screen/user_login', %params, version => SL::Version->get_version, callback => $::form->{callback});
|
||
| 1c7afd9e | Moritz Bunkus | }
|
||
| 540c0b5e | Moritz Bunkus | 1;
|