From: ShaoHe Feng <shaohef(a)linux.vnet.ibm.com>
when username or password is wrong, come back to login page with an error message.
Signed-off-by: ShaoHe Feng <shaohef(a)linux.vnet.ibm.com>
---
src/kimchi/auth.py | 19 +++++++++++++------
ui/pages/login.html.tmpl | 6 ++++++
2 files changed, 19 insertions(+), 6 deletions(-)
diff --git a/src/kimchi/auth.py b/src/kimchi/auth.py
index a38dbd3..9cb40d3 100644
--- a/src/kimchi/auth.py
+++ b/src/kimchi/auth.py
@@ -131,9 +131,8 @@ def _pam_conv(auth, query_list, userData=None):
try:
auth.authenticate()
- except PAM.error, (resp, code):
- msg_args = {'username': username, 'code': code}
- raise OperationFailed("KCHAUTH0001E", msg_args)
+ except PAM.error:
+ raise
return True
@@ -196,9 +195,17 @@ def check_auth_httpba():
def login(username, password):
- if not authenticate(username, password):
- debug("User cannot be verified with the supplied password")
- return None
+ try:
+ if not authenticate(username, password):
+ debug("User cannot be verified with the supplied password")
+ return None
+ except PAM.error, (resp, code):
+ if (cherrypy.request.path_info == "/login" and
+ not template.can_accept('application/json')):
+ raise cherrypy.HTTPRedirect("/login.html?error=userPassWrong",
303)
+ msg_args = {'username': username, 'code': code}
+ raise OperationFailed("KCHAUTH0001E", msg_args)
+
user = User(username)
debug("User verified, establishing session")
cherrypy.session.acquire_lock()
diff --git a/ui/pages/login.html.tmpl b/ui/pages/login.html.tmpl
index 0e4bb0d..fc6cee6 100644
--- a/ui/pages/login.html.tmpl
+++ b/ui/pages/login.html.tmpl
@@ -181,8 +181,14 @@ function setLang() {
var persistLang = getCookie('kimchiLang');
document.getElementById("userLang").value = persistLang || clientLang ||
defaultLang;
}
+function setMessage() {
+ var err = "$getVar('data.error', '')";
+ if(err=="userPassWrong")
+ document.getElementById("messUserPass").style.display = "";
+}
function init() {
setLang();
+ setMessage();
}
</script>
</head>
--
1.9.3