Merge pull request #13314 from owncloud/login-hook-logout

Return false if the login is canceled in a hook

core/templates/login.php

@@ -19,6 +19,11 @@ script('core', [
 				<small><?php p($l->t('Please contact your administrator.')); ?></small>
 			</div>
 		<?php endif; ?>
+		<?php foreach($_['messages'] as $message): ?>
+			<div class="warning">
+				<?php p($message); ?><br>
+			</div>
+		<?php endforeach; ?>
 		<p id="message" class="hidden">
 			<img class="float-spinner" alt=""
 				src="<?php p(\OCP\Util::imagePath('core', 'loading-dark.gif'));?>" />

lib/base.php

@@ -846,19 +846,24 @@ class OC {
 	protected static function handleLogin() {
 		OC_App::loadApps(array('prelogin'));
 		$error = array();
+		$messages = [];
 
-		// auth possible via apache module?
-		if (OC::tryApacheAuth()) {
-			$error[] = 'apacheauthfailed';
-		} // remember was checked after last login
-		elseif (OC::tryRememberLogin()) {
-			$error[] = 'invalidcookie';
-		} // logon via web form
-		elseif (OC::tryFormLogin()) {
-			$error[] = 'invalidpassword';
+		try {
+			// auth possible via apache module?
+			if (OC::tryApacheAuth()) {
+				$error[] = 'apacheauthfailed';
+			} // remember was checked after last login
+			elseif (OC::tryRememberLogin()) {
+				$error[] = 'invalidcookie';
+			} // logon via web form
+			elseif (OC::tryFormLogin()) {
+				$error[] = 'invalidpassword';
+			}
+		} catch (\OC\User\LoginException $e) {
+			$messages[] = $e->getMessage();
 		}
 
-		OC_Util::displayLoginPage(array_unique($error));
+		OC_Util::displayLoginPage(array_unique($error), $messages);
 	}
 
 	/**

lib/private/user/loginexception.php

@@ -0,0 +1,12 @@
+<?php
+/**
+ * Copyright (c) 2014 Robin Appelman <icewind@owncloud.com>
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file.
+ */
+
+namespace OC\User;
+
+class LoginException extends \Exception {
+}

lib/private/user/session.php

@@ -189,6 +189,7 @@ class Session implements IUserSession, Emitter {
 	 * @param string $uid
 	 * @param string $password
 	 * @return boolean|null
+	 * @throws LoginException
 	 */
 	public function login($uid, $password) {
 		$this->manager->emit('\OC\User', 'preLogin', array($uid, $password));
@@ -199,7 +200,11 @@ class Session implements IUserSession, Emitter {
 					$this->setUser($user);
 					$this->setLoginName($uid);
 					$this->manager->emit('\OC\User', 'postLogin', array($user, $password));
-					return true;
+					if ($this->isLoggedIn()) {
+						return true;
+					} else {
+						throw new LoginException('Login canceled by app');
+					}
 				} else {
 					return false;
 				}

lib/private/util.php

@@ -782,12 +782,14 @@ class OC_Util {
 
 	/**
 	 * @param array $errors
+	 * @param string[] $messages
 	 */
-	public static function displayLoginPage($errors = array()) {
+	public static function displayLoginPage($errors = array(), $messages = []) {
 		$parameters = array();
 		foreach ($errors as $value) {
 			$parameters[$value] = true;
 		}
+		$parameters['messages'] = $messages;
 		if (!empty($_REQUEST['user'])) {
 			$parameters["username"] = $_REQUEST['user'];
 			$parameters['user_autofocus'] = false;