--- a/web/app/controllers.php +++ b/web/app/controllers.php @@ -58,14 +58,20 @@ // processing the request if ($app['session']->has('username')) { $username = $app['session']->get('username'); - $preferences = $app['preferences.repository']->userPreferences($username); - $app['user.preferences'] = $preferences; - $app['user.timezone'] = $preferences->get('timezone'); + // Clear user session if HTTP authentication changed + if (isset($_SERVER['PHP_AUTH_USER']) + && $username != $_SERVER['PHP_AUTH_USER']) { + $app['session']->clear(); + } else { + $preferences = $app['preferences.repository']->userPreferences($username); + $app['user.preferences'] = $preferences; + $app['user.timezone'] = $preferences->get('timezone'); - // Set application language - $request->setLocale($preferences->get('language')); - $app['translator']->setLocale($preferences->get('language')); - return; + // Set application language + $request->setLocale($preferences->get('language')); + $app['translator']->setLocale($preferences->get('language')); + return; + } } if ($request->isXmlHttpRequest()) { --- a/web/src/Controller/Authentication.php +++ b/web/src/Controller/Authentication.php @@ -34,7 +34,7 @@ $success = false; $template_vars = []; - if ($request->isMethod('POST')) { + if ($request->isMethod('POST') || isset($_SERVER['PHP_AUTH_USER'])) { $user = $request->request->get('user'); $password = $request->request->get('password'); @@ -93,8 +93,14 @@ return false; } - $app['session']->set('username', $user); - $app['session']->set('password', $password); + if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) { + $user = $_SERVER['PHP_AUTH_USER']; + $password = $_SERVER['PHP_AUTH_PW']; + } else { + $app['session']->set('username', $user); + $app['session']->set('password', $password); + } + $principal_url = $caldav_client->getCurrentUserPrincipal(); $principals_repository = $app['principals.repository'];