Autologin: Do not require a bogus password in the source code

2014-06-11 15:04:15 +02:00 · 2014-06-11 15:04:15 +02:00 · 7215ba4f59
parent 63fc8eb27e
commit 7215ba4f59
2 changed files with 3 additions and 4 deletions
--- a/application/controllers/AuthenticationController.php
+++ b/application/controllers/AuthenticationController.php
@ -63,8 +63,6 @@ class AuthenticationController extends ActionController
        $this->view->form = new LoginForm();
        $this->view->form->setRequest($this->_request);
        $this->view->title = $this->translate('Icingaweb Login');
-        $user = new User('');
-        $password = '';

        try {
            $redirectUrl = Url::fromPath($this->_request->getParam('redirect', 'dashboard'));
@ -95,9 +93,10 @@ class AuthenticationController extends ActionController


            if ($this->getRequest()->isGet()) {
+                $user = new User('');
                foreach ($chain as $backend) {
                    if ($backend instanceof AutoLoginBackend) {
-                        $authenticated  = $backend->authenticate($user, $password);
+                        $authenticated  = $backend->authenticate($user);
                        if ($authenticated === true) {
                            $auth->setAuthenticated($user);
                            $this->redirectNow($redirectUrl);
--- a/library/Icinga/Authentication/Backend/AutoLoginBackend.php
+++ b/library/Icinga/Authentication/Backend/AutoLoginBackend.php
@ -75,7 +75,7 @@ class AutoLoginBackend extends UserBackend
     *
     * @return  bool
     */
-    public function authenticate(User $user, $password)
+    public function authenticate(User $user, $password = null)
    {
        return $this->hasUser($user);
    }