# both login-related cookies should expire at the same time
my $login_cookie_expires = ($persist) ? CORE::time + $response->{payload}->{authtime} : undef;
+ # define cookies here
+ my $cookies = [
+ # contains the actual auth token and should be sent only over https
+ $cgi->cookie(
+ -name => COOKIE_SES,
+ -path => '/',
+ -secure => 1,
+ -value => $response->{payload}->{authtoken},
+ -expires => $login_cookie_expires
+ ),
+ # contains only a hint that we are logged in, and is used to
+ # trigger a redirect to https
+ $cgi->cookie(
+ -name => COOKIE_LOGGEDIN,
+ -path => '/',
+ -secure => 0,
+ -value => '1',
+ -expires => $login_cookie_expires
+ )
+ ];
+
+ # test for four-digit PIN as password -- suggest password change
+ if ($password =~ m/^\d{4}$/) {
+ my $update_password = sprintf(
+ 'https://%s%s/myopac/update_password?initial=1',
+ $self->apache->hostname, $self->ctx->{opac_root} );
+ return $self->generic_redirect($update_password, $cookies);
+ }
+
return $self->generic_redirect(
- $cgi->param('redirect_to') || $acct,
- [
- # contains the actual auth token and should be sent only over https
- $cgi->cookie(
- -name => COOKIE_SES,
- -path => '/',
- -secure => 1,
- -value => $response->{payload}->{authtoken},
- -expires => $login_cookie_expires
- ),
- # contains only a hint that we are logged in, and is used to
- # trigger a redirect to https
- $cgi->cookie(
- -name => COOKIE_LOGGEDIN,
- -path => '/',
- -secure => 0,
- -value => '1',
- -expires => $login_cookie_expires
- )
- ]
+ $cgi->param('redirect_to') || $acct, $cookies
);
}
projects / working / Evergreen.git / commitdiff