liquid_feedback_frontend
view app/main/_filter/21_auth.lua @ 989:5a712ec1a7f1
Added support for login name recovery by email address
| author | bsw |
|---|---|
| date | Sat Apr 20 18:51:28 2013 +0200 (2013-04-20) |
| parents | 81bde33c2256 |
| children | 701a5cf6b067 5b77825ecfa6 |
line source
1 local module = request.get_module()
2 local view = request.get_view()
3 local action = request.get_action()
5 local auth_needed = not (
6 module == 'index'
7 and (
8 view == "index"
9 or view == "login"
10 or action == "login"
11 or view == "register"
12 or action == "register"
13 or view == "about"
14 or view == "reset_password"
15 or action == "reset_password"
16 or view == "send_login"
17 or action == "send_login"
18 or view == "confirm_notify_email"
19 or action == "confirm_notify_email"
20 or view == "menu"
21 or action == "set_lang"
22 or view == "404"
23 )
24 )
26 if app.session:has_access("anonymous") then
28 if
29 module == "area" and view == "show"
30 or module == "unit" and view == "show"
31 or module == "policy" and view == "show"
32 or module == "policy" and view == "list"
33 or module == "issue" and view == "show"
34 or module == "initiative" and view == "show"
35 or module == "suggestion" and view == "show"
36 or module == "draft" and view == "diff"
37 or module == "draft" and view == "show"
38 or module == "draft" and view == "list"
39 or module == "index" and view == "search"
40 or module == "index" and view == "usage_terms"
41 then
42 auth_needed = false
43 end
45 end
47 if app.session:has_access("all_pseudonymous") then
48 if module == "member_image" and view == "show"
49 or module == "vote" and view == "show_incoming"
50 or module == "interest" and view == "show_incoming"
51 or module == "supporter" and view == "show_incoming"
52 or module == "vote" and view == "list" then
53 auth_needed = false
54 end
55 end
57 if app.session:has_access("everything") then
58 if module == "member" and (view == "show" or view == "history") then
59 auth_needed = false
60 end
61 end
63 if module == "sitemap" then
64 auth_needed = false
65 end
67 if app.session:has_access("anonymous") and not app.session.member_id and auth_needed and module == "index" and view == "index" then
68 if config.single_unit_id then
69 request.redirect{ module = "unit", view = "show", id = config.single_unit_id }
70 else
71 request.redirect{ module = "unit", view = "list" }
72 end
73 return
74 end
76 -- if not app.session.user_id then
77 -- trace.debug("DEBUG: AUTHENTICATION BYPASS ENABLED")
78 -- app.session.user_id = 1
79 -- end
81 if auth_needed and app.session.member == nil then
82 trace.debug("Not authenticated yet.")
83 request.redirect{
84 module = 'index', view = 'login', params = {
85 redirect_module = module,
86 redirect_view = view,
87 redirect_id = param.get_id()
88 }
89 }
90 elseif auth_needed and app.session.member.locked then
91 trace.debug("Member locked.")
92 request.redirect{ module = 'index', view = 'login' }
93 else
94 if config.check_delegations_interval_hard and app.session.member_id and app.session.needs_delegation_check
95 and not (module == "admin" or (module == "index" and (
96 view == "check_delegations"
97 or action == "check_delegations"
98 or action == "logout"
99 or view == "about"
100 or view == "usage_terms"
101 or action == "set_lang")
102 ))
103 and not (module == "member_image" and view == "show") then
104 request.redirect{ module = 'index', view = 'check_delegations' }
105 return
106 end
107 if auth_needed then
108 trace.debug("Authentication accepted.")
109 else
110 trace.debug("No authentication needed.")
111 end
113 --db:query("SELECT check_everything()")
115 execute.inner()
116 trace.debug("End of authentication filter.")
117 end