X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?a=blobdiff_plain;f=cgi-auth-flexible.pm;h=49b3303464278cb56b45f30f947adfcccc16030f;hb=e4eea69f44d3b010401e24bd7bfa24e9886498f0;hp=af4c30b48b2c7938412f6208172fe218da46305d;hpb=af3159edbfe74d267bb6441c1e7dc7360168ad6e;p=cgi-auth-flexible.git

diff --git a/cgi-auth-flexible.pm b/cgi-auth-flexible.pm
index af4c30b..49b3303 100644
--- a/cgi-auth-flexible.pm
+++ b/cgi-auth-flexible.pm
@@ -32,7 +32,7 @@ BEGIN {
     @EXPORT      = qw();
     %EXPORT_TAGS = ( );     # eg: TAG => [ qw!name1 name2! ],
 
-    @EXPORT_OK   = qw(setup);
+    @EXPORT_OK   = qw();
 }
 our @EXPORT_OK;
 
@@ -93,8 +93,8 @@ sub login_ok_password ($$) {
     my $username_params = $r->{S}{username_param_names};
     my $username = $r->_ch('get_param',$username_params->[0]);
     my $password = $r->_rp('password_param_name');
-    return undef unless $r->_ch('username_password_ok', $username, $password);
-    return $username;
+    my $error = $r->_ch('username_password_error', $username, $password);
+    return defined($error) ? (undef,$error) : ($username,undef);
 }
 
 sub do_redirect_cgi ($$$$) {
@@ -209,7 +209,7 @@ sub new_verifier {
 	    get_url => sub { $_[0]->url(); },
             is_login => sub { defined $_[1]->_rp('password_param_name') },
             login_ok => \&login_ok_password,
-            username_password_ok => sub { die },
+            username_password_error => sub { die },
 	    is_logout => sub { $_[1]->has_a_param('logout_param_names') },
 	    is_loggedout => sub { $_[1]->has_a_param('loggedout_param_names') },
 	    is_page => sub { return 1 },
@@ -507,7 +507,7 @@ sub _check_divert_core ($) {
 	$r->_db_revoke($cookh);
 	$r->_db_revoke($parmh);
 	return ({ Kind => 'REDIRECT-LOGGEDOUT',
-		  Message => "Logging out...",
+		  Message => $r->_gt("Logging out..."),
 		  CookieSecret => '',
 		  Params => { } });
     }
@@ -516,7 +516,7 @@ sub _check_divert_core ($) {
 	die unless $cookt;
 	die unless $parmt;
 	return ({ Kind => 'SMALLPAGE-LOGGEDOUT',
-		  Message => "You have been logged out.",
+		  Message => $r->_gt("You have been logged out."),
 		  CookieSecret => '',
 		  Params => { } });
     }
@@ -525,29 +525,33 @@ sub _check_divert_core ($) {
 	die unless $parmt;
         if (!$cookt && $parmt eq 't') {
             return ({ Kind => 'SMALLPAGE-NOCOOKIE',
-                      Message => "You do not seem to have cookies enabled.  ".
-                          "You must enable cookies as we use them for login.",
+                      Message => $r->_gt("You do not seem to have cookies".
+                                         " enabled.  You must enable cookies".
+                                         " as we use them for login."),
                       CookieSecret => $r->_fresh_secret(),
                       Params => $r->chain_params() })
         }
         if (!$cookt || $cookt eq 'n' || $cookh ne $parmh) {
             $r->_db_revoke($cookh);
             return ({ Kind => 'LOGIN-STALE',
-                      Message => "Stale session; you need to log in again.",
+                      Message => $r->_gt("Stale session;".
+                                         " you need to log in again."),
                       CookieSecret => $r->_fresh_secret(),
                       Params => { } })
         }
 	die unless $parmt eq 't' || $parmt eq 'y';
-	my $username = $r->_ch('login_ok');
+	my ($username, $login_errormessage) = $r->_ch('login_ok');
         unless (defined $username && length $username) {
+            $login_errormessage = $r->_gt("Incorrect username/password.")
+                if !$login_errormessage;
             return ({ Kind => 'LOGIN-BAD',
-                      Message => "Incorrect username/password.",
+                      Message => $login_errormessage,
                       CookieSecret => $cooks,
                       Params => $r->chain_params() })
         }
 	$r->_db_record_login_ok($parmh,$username);
 	return ({ Kind => 'REDIRECT-LOGGEDIN',
-		  Message => "Logging in...",
+		  Message => $r->_gt("Logging in..."),
 		  CookieSecret => $cooks,
 		  Params => $r->chain_params() });
     }
@@ -567,13 +571,13 @@ sub _check_divert_core ($) {
 	my $news = $r->_fresh_secret();
 	if ($meth eq 'GET') {
 	    return ({ Kind => 'LOGIN-INCOMINGLINK',
-		      Message => "You need to log in.",
+		      Message => $r->_gt("You need to log in."),
 		      CookieSecret => $news,
 		      Params => $r->chain_params() });
 	} else {
 	    $r->_db_revoke($parmh);
 	    return ({ Kind => 'LOGIN-FRESH',
-                      Message => "You need to log in.",
+                      Message => $r->_gt("You need to log in."),
                       CookieSecret => $news,
                       Params => { } });
 	}
@@ -582,7 +586,7 @@ sub _check_divert_core ($) {
     if (!$r->{S}{promise_check_mutate}) {
 	if ($meth ne 'POST') {
 	    return ({ Kind => 'MAINPAGEONLY',
-		      Message => 'Entering via cross-site link.',
+		      Message => $r->_gt('Entering via cross-site link.'),
 		      CookieSecret => $cooks,
 		      Params => { } });
 	    # NB caller must then ignore params & path!
@@ -779,15 +783,15 @@ sub check_ok ($) {
     my ($title, @body);
     if ($kind =~ m/^LOGIN-/) {
 	$title = $r->_gt('Login');
-	push @body, $r->_gt($divert->{Message});
+	push @body, $divert->{Message};
 	push @body, $r->_ch('gen_login_form', $params);
     } elsif ($kind =~ m/^SMALLPAGE-/) {
 	$title = $r->_gt('Not logged in');
-	push @body, $r->_gt($divert->{Message});
+	push @body, $divert->{Message};
 	push @body, $r->_ch('gen_login_link', $params);
     } elsif ($kind =~ m/^MAINPAGEONLY$/) {
         $title = $r->_gt('Entering secure site.');
-        push @body, $r->_gt($divert->{Message});
+        push @body, $divert->{Message};
         push @body, $r->_ch('gen_postmainpage_form', $params);
     } else {
 	die $kind;