tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-01 05:39:10 +02:00
Code Issues Projects Releases Wiki Activity

API CHANGE: Unique_identifier now accepted as the login requirement, allowing alternatives to 'Email' (from r97270)

Browse Source 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102440 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Ingo Schommer 2010-04-12 05:00:05 +00:00
parent 6eb4d67c86
commit b69b03b9e0
3 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
security/MemberAuthenticator.php
View File

@ -40,7 +40,7 @@ class MemberAuthenticator extends Authenticator {
} else { } else {
$member = DataObject::get_one( $member = DataObject::get_one(
"Member", "Member",
"\"Email\" = '$SQL_user' AND \"Password\" IS NOT NULL" "\"" . Member::get_unique_identifier_field() . "\" = '$SQL_user' AND \"Password\" IS NOT NULL"
); );
$result = ($member) ? $member->checkPassword($RAW_data['Password']) : false; $result = ($member) ? $member->checkPassword($RAW_data['Password']) : false;
@ -65,7 +65,7 @@ class MemberAuthenticator extends Authenticator {
$member->extend('authenticated'); $member->extend('authenticated');
} else { } else {
// failed login - we're trying to see if a user exists with this email (disregarding wrong passwords) // failed login - we're trying to see if a user exists with this email (disregarding wrong passwords)
$existingMember = DataObject::get_one("Member", "\"Email\" = '$SQL_user'"); $existingMember = DataObject::get_one("Member", "\"" . Member::get_unique_identifier_field() . "\" = '$SQL_user'");
if($existingMember) { if($existingMember) {
$attempt->MemberID = $existingMember->ID; $attempt->MemberID = $existingMember->ID;

4
security/MemberLoginForm.php
View File

@ -52,9 +52,11 @@ class MemberLoginForm extends LoginForm {
); );
} else { } else {
if(!$fields) { if(!$fields) {
$label=singleton('Member')->fieldLabel(Member::get_unique_identifier_field());
$fields = new FieldSet( $fields = new FieldSet(
new HiddenField("AuthenticationMethod", null, $this->authenticator_class, $this), new HiddenField("AuthenticationMethod", null, $this->authenticator_class, $this),
new TextField("Email", _t('Member.EMAIL', 'Email'), Session::get('SessionForms.MemberLoginForm.Email'), null, $this), //Regardless of what the unique identifer field is (usually 'Email'), it will be held in the 'Email' value, below:
new TextField("Email", $label, Session::get('SessionForms.MemberLoginForm.Email'), null, $this),
new PasswordField("Password", _t('Member.PASSWORD', 'Password')) new PasswordField("Password", _t('Member.PASSWORD', 'Password'))
); );
if(Security::$autologin_enabled) { if(Security::$autologin_enabled) {

4
security/Security.php
View File

@ -598,7 +598,7 @@ class Security extends Controller {
&& !empty(self::$default_username) && !empty(self::$default_password)) { && !empty(self::$default_username) && !empty(self::$default_password)) {
$member = self::findAnAdministrator(); $member = self::findAnAdministrator();
} else { } else {
$member = DataObject::get_one("Member", "\"Email\" = '$SQL_email' AND \"Password\" IS NOT NULL"); $member = DataObject::get_one("Member", "\"" . Member::get_unique_identifier_field() . "\" = '$SQL_email' AND \"Password\" IS NOT NULL");
if($member && ($member->checkPassword($RAW_password) == false)) { if($member && ($member->checkPassword($RAW_password) == false)) {
$member = null; $member = null;
} }
@ -816,7 +816,7 @@ class Security extends Controller {
$salt = ($salt) ? $salt : $e->salt($password); $salt = ($salt) ? $salt : $e->salt($password);
return array( return array(
'password' => $e->encrypt($password, $salt), 'password' => $e->encrypt($password, $salt, $member),
'salt' => $salt, 'salt' => $salt,
'algorithm' => $algorithm, 'algorithm' => $algorithm,
'encryptor' => $e 'encryptor' => $e