external/mailinabox
1
0
Fork 0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2026-03-04 15:54:48 +01:00
Code Issues Releases Wiki Activity

split management daemon authorization from authentication and use 'doveadm pw' rather than 'doveadm auth test' so that it is decoupled from dovecot's login mechanism

Browse Source 
This was done to pave the way for two-factor authentication, but that's still a ways off.
This commit is contained in:
Joshua Tauberer
2014-11-30 10:43:07 -05:00
parent 3187053b3a
commit 023b38df50
4 changed files with 98 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
management/templates/login.html
View File

@@ -67,13 +67,20 @@ function do_login() {
function(response){
// This API call always succeeds. It returns a JSON object indicating
// whether the request was authenticated or not.
if (response.status != "authorized") {
if (response.status != "ok") {
// Show why the login failed.
show_modal_error("Login Failed", response.reason)
// Reset any saved credentials.
do_logout();
} else if (!("api_key" in response)) {
// Login succeeded but user might not be authorized!
show_modal_error("Login Failed", "You are not an administrator on this system.")
// Reset any saved credentials.
do_logout();
} else {
// Login succeeded.