summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xLedgerSMB.pm34
-rwxr-xr-xLedgerSMB/Session/DB.pm19
2 files changed, 24 insertions, 29 deletions
diff --git a/LedgerSMB.pm b/LedgerSMB.pm
index 96006b62..81e34759 100755
--- a/LedgerSMB.pm
+++ b/LedgerSMB.pm
@@ -215,27 +215,7 @@ sub new {
sub _get_password {
my ($self) = shift @_;
$self->{sessionexpired} = shift @_;
- $self->{hidden} = [];
- for (keys %$self){
- next if $_ =~ /(^script$|^endsession$|^password$|^hidden$)/;
- my $attr = {};
- $attr->{name} = $_;
- $attr->{value} = $self->{$_};
- push @{$self->{hidden}}, $attr;
- }
- print "WWW-Authenticate: Basic realm=\"LedgerSMB\"\n";
- print "Status: 401 Unauthorized\n\n";
- print "Please enter your credentials.\n";
- exit;
-# my $template = LedgerSMB::Template->new(
-# user =>$self->{_user},
-# locale => $self->{_locale},
-# path => 'UI',
-# template => 'get_password',
-# format => 'HTML'
-# );
-# $template->render($self);
-# $template->output('http');
+ Session::credential_prompt();
exit;
}
@@ -654,13 +634,9 @@ sub _db_init {
my $self = shift @_;
my %args = @_;
-
- # Handling of HTTP Basic Auth headers
- my $auth = $ENV{'HTTP_AUTHORIZATION'};
- $auth =~ s/Basic //i; # strip out basic authentication preface
- $auth = MIME::Base64::decode($auth);
- my ($login, $password) = split(/:/, $auth);
- $self->{login} = $login;
+ my $creds = Session::get_credentials();
+
+ $self->{login} = $creds->{login};
if (!$self->{company}){
$self->{company} = $LedgerSMB::Sysconfig::default_db;
}
@@ -671,7 +647,7 @@ sub _db_init {
# Just in case, however, I think it is a good idea to include the DBI
# error string. CT
$self->{dbh} = DBI->connect(
- "dbi:Pg:dbname=$dbname", "$login", "$password", { AutoCommit => 0 }
+ "dbi:Pg:dbname=$dbname", "$creds->{login}", "$creds->{password}", { AutoCommit => 0 }
);
my $dbh = $self->{dbh};
diff --git a/LedgerSMB/Session/DB.pm b/LedgerSMB/Session/DB.pm
index 19896ae7..419ca5d3 100755
--- a/LedgerSMB/Session/DB.pm
+++ b/LedgerSMB/Session/DB.pm
@@ -241,6 +241,25 @@ sub session_destroy {
}
+sub get_credentials {
+ # Handling of HTTP Basic Auth headers
+ my $auth = $ENV{'HTTP_AUTHORIZATION'};
+ $auth =~ s/Basic //i; # strip out basic authentication preface
+ $auth = MIME::Base64::decode($auth);
+ my $return_value = {};
+ ($return_value->{login}, $return_value->{password}) = split(/:/, $auth);
+
+ return $return_value;
+
+}
+
+sub credential_prompt{
+ print "WWW-Authenticate: Basic realm=\"LedgerSMB\"\n";
+ print "Status: 401 Unauthorized\n\n";
+ print "Please enter your credentials.\n";
+ exit;
+}
+
sub password_check {
use Digest::MD5;