diff options
Diffstat (limited to 'src/etc/inc/auth.inc')
-rw-r--r-- | src/etc/inc/auth.inc | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/etc/inc/auth.inc b/src/etc/inc/auth.inc index 5d20fc3..04af52f 100644 --- a/src/etc/inc/auth.inc +++ b/src/etc/inc/auth.inc @@ -1664,11 +1664,12 @@ function session_auth() { $attributes = array(); if (isset($_POST['login']) && !empty($_POST['usernamefld']) && !empty($_POST['passwordfld'])) { $authcfg = auth_get_authserver($config['system']['webgui']['authmode']); - if (authenticate_user($_POST['usernamefld'], $_POST['passwordfld'], $authcfg, $attributes) || - authenticate_user($_POST['usernamefld'], $_POST['passwordfld'])) { + $remoteauth = authenticate_user($_POST['usernamefld'], $_POST['passwordfld'], $authcfg, $attributes); + if ($remoteauth || authenticate_user($_POST['usernamefld'], $_POST['passwordfld'])) { // Generate a new id to avoid session fixation session_regenerate_id(); $_SESSION['Logged_In'] = "True"; + $_SESSION['remoteauth'] = $remoteauth; $_SESSION['Username'] = $_POST['usernamefld']; $_SESSION['user_radius_attributes'] = $attributes; $_SESSION['last_access'] = time(); |