--- a/web/app/controllers.php +++ b/web/app/controllers.php @@ -58,14 +58,20 @@ $controllers->before(function(Request $request, Silex\Application $app) { // processing the request if ($app['session']->has('username')) { $username = $app['session']->get('username'); - $preferences = $app['preferences.repository']->userPreferences($username); - $app['user.preferences'] = $preferences; - $app['user.timezone'] = $preferences->get('timezone'); - - // Set application language - $request->setLocale($preferences->get('language')); - $app['translator']->setLocale($preferences->get('language')); - return; + // Clear user session if HTTP authentication changed + if (isset($_SERVER['PHP_AUTH_USER']) + && $username != $_SERVER['PHP_AUTH_USER']) { + $app['session']->clear(); + } else { + $preferences = $app['preferences.repository']->userPreferences($username); + $app['user.preferences'] = $preferences; + $app['user.timezone'] = $preferences->get('timezone'); + + // Set application language + $request->setLocale($preferences->get('language')); + $app['translator']->setLocale($preferences->get('language')); + return; + } } if ($request->isXmlHttpRequest()) { diff --git a/web/src/Controller/Authentication.php b/web/src/Controller/Authentication.php index deebb751..134cc9a8 100644 --- a/web/src/Controller/Authentication.php +++ b/web/src/Controller/Authentication.php @@ -34,9 +34,14 @@ class Authentication $success = false; $template_vars = []; - if ($request->isMethod('POST')) { - $user = $request->request->get('user'); - $password = $request->request->get('password'); + if ($request->isMethod('POST') || isset($_SERVER['PHP_AUTH_USER'])) { + if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) { + $user = $_SERVER['PHP_AUTH_USER']; + $password = $_SERVER['PHP_AUTH_PW']; + } else { + $user = $request->request->get('user'); + $password = $request->request->get('password'); + } if (empty($user) || empty($password)) { $template_vars['error'] = $app['translator']->trans('messages.error_empty_fields');