libs/core: Reworked some basic libraries to not use package.seeall

[project/luci.git] / libs / web / luasrc / dispatcher.lua

diff --git a/libs/web/luasrc/dispatcher.lua b/libs/web/luasrc/dispatcher.lua
index ed35f9d..3cfa6c7 100644 (file)
--- a/libs/web/luasrc/dispatcher.lua
+++ b/libs/web/luasrc/dispatcher.lua
@@ -79,7 +79,7 @@ function error500(message)
        return false
 end
 
-function authenticator.htmlauth(validator, default)
+function authenticator.htmlauth(validator, accs, default)
        local user = luci.http.formvalue("username")
        local pass = luci.http.formvalue("password")
        
@@ -125,7 +125,7 @@ function dispatch(request)
        local c = context.tree
        local track = {}
        local args = {}
-       context.args = context.path
+       context.args = args
        local n
 
        for i, s in ipairs(request) do
@@ -164,7 +164,7 @@ function dispatch(request)
        viewns.controller  = luci.http.getenv("SCRIPT_NAME")
        viewns.media       = luci.config.main.mediaurlbase
        viewns.resource    = luci.config.main.resourcebase
-       viewns.REQUEST_URI = luci.http.getenv("SCRIPT_NAME") .. (luci.http.getenv("PATH_INFO") or "")
+       viewns.REQUEST_URI = (luci.http.getenv("SCRIPT_NAME") or "") .. (luci.http.getenv("PATH_INFO") or "")
        
        if track.dependent then
                local stat, err = pcall(assert, not track.auto)
@@ -187,13 +187,15 @@ function dispatch(request)
                
                if not luci.util.contains(accs, user) then
                        if authen then
-                               local user = authen(luci.sys.user.checkpasswd, def)
+                               local user, sess = authen(luci.sys.user.checkpasswd, accs, def)
                                if not user or not luci.util.contains(accs, user) then
                                        return
                                else
-                                       local sid = luci.sys.uniqueid(16)
+                                       local sid = sess or luci.sys.uniqueid(16)
                                        luci.http.header("Set-Cookie", "sysauth=" .. sid.."; path=/")
-                                       luci.sauth.write(sid, user)
+                                       if not sess then
+                                               luci.sauth.write(sid, user)
+                                       end
                                end
                        else
                                luci.http.status(403, "Forbidden")