[login] split authentication logic from post authentication logic (closes #2200755)
* The Session manager is now only in charge of providing a valid session.
* LoginControllers are now used in all case but wrong credential.
* The LoginControllers are in charge of redirecting the user to the page wanted
to see in the first place, expected to see.
* The login form is now always submitted to the login controller with an extra
argument pointing to the url we should redirect too after successful
authentication.
The ``"log out first logic"`` logic on login controller is removed because:
1. Other web actor do not do that.
2. Removed code do not need to be reimplemented.
3. We can only get it to work again in a single case: use do a GET request on
http://www.my-cw-stuff.io/login
4. I do not see it's purpose.
This package was debianized by Logilab <contact@logilab.fr>.
It was downloaded from ftp://ftp.logilab.org/pub/cubicweb
Upstream Author:
Logilab <contact@logilab.fr>
Copyright:
Copyright (c) 2003-2011 LOGILAB S.A. (Paris, FRANCE).
http://www.logilab.fr/ -- mailto:contact@logilab.fr
License:
This program is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as published by the
Free Software Foundation; either version 2.1 of the License, or (at your
option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
for more details.
You should have received a copy of the GNU Lessser General Public License
along with this program; if not, write to the Free Software Foundation,
Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
On Debian systems, the complete text of the GNU Lesser General Public License
may be found in '/usr/share/common-licenses/LGPL-2.1'.