sort out debugging, fix a todo

[cgi-auth-flexible.git] / cgi-auth-flexible.pm

diff --git a/cgi-auth-flexible.pm b/cgi-auth-flexible.pm
index af4c30b48b2c7938412f6208172fe218da46305d..49b3303464278cb56b45f30f947adfcccc16030f 100644 (file)
--- a/cgi-auth-flexible.pm
+++ b/cgi-auth-flexible.pm
@@ -32,7 +32,7 @@ BEGIN {
     @EXPORT      = qw();
     %EXPORT_TAGS = ( );     # eg: TAG => [ qw!name1 name2! ],
 
-    @EXPORT_OK   = qw(setup);
+    @EXPORT_OK   = qw();
 }
 our @EXPORT_OK;
 
@@ -93,8 +93,8 @@ sub login_ok_password ($$) {
     my $username_params = $r->{S}{username_param_names};
     my $username = $r->_ch('get_param',$username_params->[0]);
     my $password = $r->_rp('password_param_name');
-    return undef unless $r->_ch('username_password_ok', $username, $password);
-    return $username;
+    my $error = $r->_ch('username_password_error', $username, $password);
+    return defined($error) ? (undef,$error) : ($username,undef);
 }
 
 sub do_redirect_cgi ($$$$) {
@@ -209,7 +209,7 @@ sub new_verifier {
            get_url => sub { $_[0]->url(); },
             is_login => sub { defined $_[1]->_rp('password_param_name') },
             login_ok => \&login_ok_password,
-            username_password_ok => sub { die },
+            username_password_error => sub { die },
            is_logout => sub { $_[1]->has_a_param('logout_param_names') },
            is_loggedout => sub { $_[1]->has_a_param('loggedout_param_names') },
            is_page => sub { return 1 },
@@ -507,7 +507,7 @@ sub _check_divert_core ($) {
        $r->_db_revoke($cookh);
        $r->_db_revoke($parmh);
        return ({ Kind => 'REDIRECT-LOGGEDOUT',
-                 Message => "Logging out...",
+                 Message => $r->_gt("Logging out..."),
                  CookieSecret => '',
                  Params => { } });
     }
@@ -516,7 +516,7 @@ sub _check_divert_core ($) {
        die unless $cookt;
        die unless $parmt;
        return ({ Kind => 'SMALLPAGE-LOGGEDOUT',
-                 Message => "You have been logged out.",
+                 Message => $r->_gt("You have been logged out."),
                  CookieSecret => '',
                  Params => { } });
     }
@@ -525,29 +525,33 @@ sub _check_divert_core ($) {
        die unless $parmt;
         if (!$cookt && $parmt eq 't') {
             return ({ Kind => 'SMALLPAGE-NOCOOKIE',
-                      Message => "You do not seem to have cookies enabled.  ".
-                          "You must enable cookies as we use them for login.",
+                      Message => $r->_gt("You do not seem to have cookies".
+                                         " enabled.  You must enable cookies".
+                                         " as we use them for login."),
                       CookieSecret => $r->_fresh_secret(),
                       Params => $r->chain_params() })
         }
         if (!$cookt || $cookt eq 'n' || $cookh ne $parmh) {
             $r->_db_revoke($cookh);
             return ({ Kind => 'LOGIN-STALE',
-                      Message => "Stale session; you need to log in again.",
+                      Message => $r->_gt("Stale session;".
+                                         " you need to log in again."),
                       CookieSecret => $r->_fresh_secret(),
                       Params => { } })
         }
        die unless $parmt eq 't' || $parmt eq 'y';
-       my $username = $r->_ch('login_ok');
+       my ($username, $login_errormessage) = $r->_ch('login_ok');
         unless (defined $username && length $username) {
+            $login_errormessage = $r->_gt("Incorrect username/password.")
+                if !$login_errormessage;
             return ({ Kind => 'LOGIN-BAD',
-                      Message => "Incorrect username/password.",
+                      Message => $login_errormessage,
                       CookieSecret => $cooks,
                       Params => $r->chain_params() })
         }
        $r->_db_record_login_ok($parmh,$username);
        return ({ Kind => 'REDIRECT-LOGGEDIN',
-                 Message => "Logging in...",
+                 Message => $r->_gt("Logging in..."),
                  CookieSecret => $cooks,
                  Params => $r->chain_params() });
     }
@@ -567,13 +571,13 @@ sub _check_divert_core ($) {
        my $news = $r->_fresh_secret();
        if ($meth eq 'GET') {
            return ({ Kind => 'LOGIN-INCOMINGLINK',
-                     Message => "You need to log in.",
+                     Message => $r->_gt("You need to log in."),
                      CookieSecret => $news,
                      Params => $r->chain_params() });
        } else {
            $r->_db_revoke($parmh);
            return ({ Kind => 'LOGIN-FRESH',
-                      Message => "You need to log in.",
+                      Message => $r->_gt("You need to log in."),
                       CookieSecret => $news,
                       Params => { } });
        }
@@ -582,7 +586,7 @@ sub _check_divert_core ($) {
     if (!$r->{S}{promise_check_mutate}) {
        if ($meth ne 'POST') {
            return ({ Kind => 'MAINPAGEONLY',
-                     Message => 'Entering via cross-site link.',
+                     Message => $r->_gt('Entering via cross-site link.'),
                      CookieSecret => $cooks,
                      Params => { } });
            # NB caller must then ignore params & path!
@@ -779,15 +783,15 @@ sub check_ok ($) {
     my ($title, @body);
     if ($kind =~ m/^LOGIN-/) {
        $title = $r->_gt('Login');
-       push @body, $r->_gt($divert->{Message});
+       push @body, $divert->{Message};
        push @body, $r->_ch('gen_login_form', $params);
     } elsif ($kind =~ m/^SMALLPAGE-/) {
        $title = $r->_gt('Not logged in');
-       push @body, $r->_gt($divert->{Message});
+       push @body, $divert->{Message};
        push @body, $r->_ch('gen_login_link', $params);
     } elsif ($kind =~ m/^MAINPAGEONLY$/) {
         $title = $r->_gt('Entering secure site.');
-        push @body, $r->_gt($divert->{Message});
+        push @body, $divert->{Message};
         push @body, $r->_ch('gen_postmainpage_form', $params);
     } else {
        die $kind;