From 2007a6fed6bc19b5525b24f47f64127d42ee0f28 Mon Sep 17 00:00:00 2001
From: Thomas Portelange <thomas@lekoala.be>
Date: Tue, 19 Jan 2021 16:51:46 +0100
Subject: [PATCH] avoid CMS coupling

In the current setup, we cannot use a custom security controller without the cms module. This changes allow setting another controller as "page_class".
---
 src/Security/Security.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/Security/Security.php b/src/Security/Security.php
index ce5ab985e..1e121463d 100644
--- a/src/Security/Security.php
+++ b/src/Security/Security.php
@@ -579,8 +579,13 @@ class Security extends Controller implements TemplateGlobalProvider
         $holderPage->URLSegment = 'Security';
         // Disable ID-based caching  of the log-in page by making it a random number
         $holderPage->ID = -1 * random_int(1, 10000000);
+        
+        if ($holderPage instanceof Controller) {
+            $controller = $holderPage;
+        } else {
+            $controller = ModelAsController::controller_for($holderPage);
+        }
 
-        $controller = ModelAsController::controller_for($holderPage);
         $controller->setRequest($this->getRequest());
         $controller->doInit();