2 files changed, 10 insertions, 4 deletions

diff --git a/app/acf-util/logon-controller.lua b/app/acf-util/logon-controller.lua
index c0fa8b9..f641d33 100644
--- a/app/acf-util/logon-controller.lua
+++ b/app/acf-util/logon-controller.lua
@@ -24,17 +24,19 @@ logon = function(self)
 	-- FIXME - if they are already logged in, log out first
 	
 	if clientdata.userid and clientdata.password then
-		if self.model.logon(self, clientdata.userid, clientdata.password) == false then
+		local t = self.model.logon(self,clientdata.userid,clientdata.password)
+		
+		if t == nil then
 			userid.value = self.clientdata.userid
 			userid.errtxt = "There was a problem logging in"
 		else
 		-- the login was successful - give them a new session, and redir to logged in
 			session.id = session.random_hash ( 512)
-			session.userinfo = self.model.get_userinfo (userid)
+			session.userinfo = t or {}
 			self.conf.controller="welcome"
 			self.conf.action = ""
 			self.conf.type = "redir"
-			logevent ("Logon was successful for " .. session.userinfo.username)
+			logevent ("Logon was successful for " .. session.userinfo.username or "" )
 			error (self.conf)
 		end
 	else
diff --git a/app/acf-util/logon-model.lua b/app/acf-util/logon-model.lua
index dac48cd..6e8384d 100644
--- a/app/acf-util/logon-model.lua
+++ b/app/acf-util/logon-model.lua
@@ -26,7 +26,11 @@ logon = function (self, id, password )
 	--	record event and ignore the attempt
 	-- All ok?
 	--	look up their role, issue new session
-	return auth.authenticate (self, id, password)
+	if auth.authenticate (self, id, password) then
+		return auth.get_userinfo (self, id)
+	else
+		return false
+	end
 end
 
 logoff = function (self, sessionid)