my $username_params = $r->{S}{username_param_names};
my $username = $r->_ch('get_param',$username_params->[0]);
my $password = $r->_rp('password_param_name');
- return undef unless $r->_ch('username_password_ok', $username, $password);
- return $username;
+ my $error = $r->_ch('username_password_error', $username, $password);
+ return defined($error) ? (undef,$error) : ($username,undef);
}
sub do_redirect_cgi ($$$$) {
get_url => sub { $_[0]->url(); },
is_login => sub { defined $_[1]->_rp('password_param_name') },
login_ok => \&login_ok_password,
- username_password_ok => sub { die },
+ username_password_error => sub { die },
is_logout => sub { $_[1]->has_a_param('logout_param_names') },
is_loggedout => sub { $_[1]->has_a_param('loggedout_param_names') },
is_page => sub { return 1 },
Params => { } })
}
die unless $parmt eq 't' || $parmt eq 'y';
- my $username = $r->_ch('login_ok');
+ my ($username, $login_errormessage) = $r->_ch('login_ok');
unless (defined $username && length $username) {
+ $login_errormessage = $r->_gt("Incorrect username/password.")
+ if !$login_errormessage;
return ({ Kind => 'LOGIN-BAD',
- Message => $r->_gt("Incorrect username/password."),
+ Message => $login_errormessage,
CookieSecret => $cooks,
Params => $r->chain_params() })
}
my $dump = "$ENV{'CAHTEST_HOME'}/dump";
my $verifier = CGI::Auth::Flexible->new_verifier(
- username_password_ok => sub { my ($c,$r,$u,$p)=@_; return $p eq 'sesame'; },
+ username_password_error => sub {
+ my ($c,$r,$u,$p)=@_;
+ return $p eq 'sesame' ? undef : 'wrong password'
+ },
encrypted_only => 0,
promise_check_mutate => 1,
dir => $dump,