tyler.durden/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2025-07-25 14:54:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

Auth: Get password from form only once

Browse Source 
Before, the user's password was retrieved for every authentication
backend tried for authentication.
This commit is contained in:
Eric Lippmann 2014-06-02 14:04:45 +02:00
parent a379502b15
commit ede403977a
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
application/controllers/AuthenticationController.php
View File

@ -75,8 +75,6 @@ class AuthenticationController extends ActionController
} }
if ($this->view->form->isSubmittedAndValid()) { if ($this->view->form->isSubmittedAndValid()) {
$user = new User($this->view->form->getValue('username'));
try { try {
$config = Config::app('authentication'); $config = Config::app('authentication');
} catch (NotReadableError $e) { } catch (NotReadableError $e) {
@ -88,6 +86,8 @@ class AuthenticationController extends ActionController
. ' up. Please contact your Icinga Web administrator' . ' up. Please contact your Icinga Web administrator'
); );
} }
$user = new User($this->view->form->getValue('username'));
$password = $this->view->form->getValue('password');
// TODO(el): Currently the user is only notified about authentication backend problems when all backends // TODO(el): Currently the user is only notified about authentication backend problems when all backends
// have errors. It may be the case that the authentication backend which provides the user has errors // have errors. It may be the case that the authentication backend which provides the user has errors
@ -98,7 +98,7 @@ class AuthenticationController extends ActionController
$backendsWithError = 0; $backendsWithError = 0;
$chain = new AuthChain($config); $chain = new AuthChain($config);
foreach ($chain as $backend) { foreach ($chain as $backend) {
$authenticated = $backend->authenticate($user, $this->view->form->getValue('password')); $authenticated = $backend->authenticate($user, $password);
if ($authenticated === true) { if ($authenticated === true) {
$auth->setAuthenticated($user); $auth->setAuthenticated($user);
$this->redirectNow($redirectUrl); $this->redirectNow($redirectUrl);