API CHANGE: Added Security::set_login_url() so that you can define an alternative log-in page if you have made one yourself.

2024-06-28 15:39:40 +02:00 · 2011-03-16 16:13:14 +13:00 · 2011-03-16 16:13:14 +13:00 · d8bfc0bb48
commit d8bfc0bb48
parent 33a1fc7b3a
4 changed files with 30 additions and 7 deletions
--- a/dev/Debug.php
+++ b/dev/Debug.php
@ -652,7 +652,7 @@ class Debug {
 		$_SESSION['Security']['Message']['type'] =  'warning';
 		$_SESSION['BackURL'] = $_SERVER['REQUEST_URI'];
 		header($_SERVER['SERVER_PROTOCOL'] . " 302 Found");
-		header("Location: " . Director::baseURL() . "Security/login");
+		header("Location: " . Director::baseURL() . Security::login_url());
 		die();
 	}
 }
--- a/security/Security.php
+++ b/security/Security.php
@ -242,7 +242,10 @@ class Security extends Controller {
 			// Audit logging hook
 			$controller->extend('permissionDenied', $member);

-			$controller->redirect("Security/login?BackURL=" . urlencode($_SERVER['REQUEST_URI']));
+			$controller->redirect(
+				Config::inst()->get('Security', 'login_url')
+			 . "?BackURL=" . urlencode($_SERVER['REQUEST_URI'])
+			);
 		}
 		return;
 	}
@ -927,8 +930,25 @@ class Security extends Controller {
 	public static function set_ignore_disallowed_actions($flag) {
 		self::$ignore_disallowed_actions = $flag;
 	}
+
 	public static function ignore_disallowed_actions() {
 		return self::$ignore_disallowed_actions;
 	}

+	protected static $login_url = "Security/login";
+
+	/**
+	 * Set a custom log-in URL if you have built your own log-in page.
+	 */
+	public static function set_login_url($loginUrl) {
+	    self::$login_url = $loginUrl;
+	}
+	/**
+	 * Get the URL of the log-in page.
+	 * Defaults to Security/login but can be re-set with {@link set_login_url()}
+	 */
+	public static function login_url() {
+	    return self::$login_url;
+	}
+
 }
--- a/tests/control/DirectorTest.php
+++ b/tests/control/DirectorTest.php
@ -252,7 +252,7 @@ class DirectorTest extends SapphireTest {
 	}

 	public function testForceSSLOnSubPagesPattern() {
-		$_SERVER['REQUEST_URI'] = Director::baseURL() . 'Security/login';
+		$_SERVER['REQUEST_URI'] = Director::baseURL() . Config::inst()->get('Security', 'login_url');
 		$output = Director::forceSSL(array('/^Security/'));
 		$this->assertEquals($output, 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
 	}
--- a/tests/security/SecurityTest.php
+++ b/tests/security/SecurityTest.php
@ -57,7 +57,10 @@ class SecurityTest extends FunctionalTest {
 		
 		$response = $this->get('SecurityTest_SecuredController');
 		$this->assertEquals(302, $response->getStatusCode());
-		$this->assertContains('Security/login', $response->getHeader('Location'));
+		$this->assertContains(
+			Config::inst()->get('Security', 'login_url'), 
+			$response->getHeader('Location')
+		);

 		$this->logInWithPermission('ADMIN');		
 		$response = $this->get('SecurityTest_SecuredController');
@ -74,7 +77,7 @@ class SecurityTest extends FunctionalTest {
 		$this->session()->inst_set('loggedInAs', $member->ID);

 		/* View the Security/login page */
-		$response = $this->get('Security/login');
+		$response = $this->get(Config::inst()->get('Security', 'login_url'));
 		
 		$items = $this->cssParser()->getBySelector('#MemberLoginForm_LoginForm input.action');
 		
@ -108,7 +111,7 @@ class SecurityTest extends FunctionalTest {
 		$this->autoFollowRedirection = true;
 		
 		/* Attempt to get into the admin section */
-		$response = $this->get('Security/login/');
+		$response = $this->get(Config::inst()->get('Security', 'login_url'));
 		
 		$items = $this->cssParser()->getBySelector('#MemberLoginForm_LoginForm input.text');

@ -396,7 +399,7 @@ class SecurityTest extends FunctionalTest {
 	public function doTestLoginForm($email, $password, $backURL = 'test/link') {
 		$this->get('Security/logout');
 		$this->session()->inst_set('BackURL', $backURL);
-		$this->get('Security/login');
+		$this->get(Config::inst()->get('Security', 'login_url'));
 		
 		return $this->submitForm(
 			"MemberLoginForm_LoginForm",