Added support for automatic login after HTTP authentication if ACF user exists

author: Ted Trask <ttrask01@yahoo.com> 2013-05-30 17:15:39 +0000
committer: Ted Trask <ttrask01@yahoo.com> 2013-05-30 17:22:59 +0000
commit: a23f983dddd365a588febad96f00b876ff5e8453 (patch)
tree: 075f3baacdaef74b1eec7bf7a3519014064478ff /app
parent: 97a09940fb6805ebf55dfb43847a87fa8260be34 (diff)
download: acf-core-a23f983dddd365a588febad96f00b876ff5e8453.tar.bz2
acf-core-a23f983dddd365a588febad96f00b876ff5e8453.tar.xz
1 files changed, 13 insertions, 0 deletions
diff --git a/app/acf_www-controller.lua b/app/acf_www-controller.lua
index 820359a..91872cb 100644
--- a/app/acf_www-controller.lua
+++ b/app/acf_www-controller.lua
@@ -262,6 +262,19 @@ mvc.on_load = function (self, parent)
 		end
 	end
 
+	if not (self.sessiondata.userinfo and self.sessiondata.userinfo.userid) and ENV.REMOTE_USER then
+		-- We do not have a valid user in session data, but we have successful HTTP auth
+		-- Kill the existing session
+		if (self.sessiondata.id and self.clientdata.sessionid) then
+			sessionlib.unlink_session(self.conf.sessiondir, self.clientdata.sessionid)
+		end
+		self.sessiondata = {}
+		self.sessiondata.id = sessionlib.random_hash(512)
+		require("authenticator")
+		self.sessiondata.userinfo = authenticator.get_userinfo(self, ENV.REMOTE_USER)
+		logevent("Automatic login as ENV.REMOTE_USER: "..tostring(ENV.REMOTE_USER))
+	end
+
 	if nil == self.sessiondata.id then
 		self.sessiondata = {}
 		self.sessiondata.id = sessionlib.random_hash(512)
author	Ted Trask <ttrask01@yahoo.com>	2013-05-30 17:15:39 +0000
committer	Ted Trask <ttrask01@yahoo.com>	2013-05-30 17:22:59 +0000
commit	a23f983dddd365a588febad96f00b876ff5e8453 (patch)
tree	075f3baacdaef74b1eec7bf7a3519014064478ff /app
parent	97a09940fb6805ebf55dfb43847a87fa8260be34 (diff)
download	acf-core-a23f983dddd365a588febad96f00b876ff5e8453.tar.bz2 acf-core-a23f983dddd365a588febad96f00b876ff5e8453.tar.xz