From: ShaoHe Feng <shaohef@linux.vnet.ibm.com> when username or password is wrong, come back to login page with an error message. Signed-off-by: ShaoHe Feng <shaohef@linux.vnet.ibm.com> --- src/kimchi/auth.py | 19 +++++++++++++------ ui/pages/login.html.tmpl | 6 ++++++ 2 files changed, 19 insertions(+), 6 deletions(-) diff --git a/src/kimchi/auth.py b/src/kimchi/auth.py index a38dbd3..9cb40d3 100644 --- a/src/kimchi/auth.py +++ b/src/kimchi/auth.py @@ -131,9 +131,8 @@ def _pam_conv(auth, query_list, userData=None): try: auth.authenticate() - except PAM.error, (resp, code): - msg_args = {'username': username, 'code': code} - raise OperationFailed("KCHAUTH0001E", msg_args) + except PAM.error: + raise return True @@ -196,9 +195,17 @@ def check_auth_httpba(): def login(username, password): - if not authenticate(username, password): - debug("User cannot be verified with the supplied password") - return None + try: + if not authenticate(username, password): + debug("User cannot be verified with the supplied password") + return None + except PAM.error, (resp, code): + if (cherrypy.request.path_info == "/login" and + not template.can_accept('application/json')): + raise cherrypy.HTTPRedirect("/login.html?error=userPassWrong", 303) + msg_args = {'username': username, 'code': code} + raise OperationFailed("KCHAUTH0001E", msg_args) + user = User(username) debug("User verified, establishing session") cherrypy.session.acquire_lock() diff --git a/ui/pages/login.html.tmpl b/ui/pages/login.html.tmpl index 555430b..0e53041 100644 --- a/ui/pages/login.html.tmpl +++ b/ui/pages/login.html.tmpl @@ -70,8 +70,14 @@ function updateBtnLabel() { document.getElementById("login").style.display = "none"; document.getElementById("logging").style.display = ""; } +function setMessage() { + var err = "$getVar('data.error', '')"; + if(err=="userPassWrong") + document.getElementById("messUserPass").style.display = ""; +} function init() { setLang(); + setMessage(); } </script> </head> -- 1.9.3