Refactor core Login to allow for clean LoginHttpAuth logic refs matom…

…o-org#514

plugins/Login/Controller.php

@@ -326,7 +326,7 @@ public function confirmResetPassword()
 
         if (is_null($errorMessage)) // if success, show login w/ success message
         {
-            $this->redirectToIndex('Login', 'resetPasswordSuccess');
+            $this->redirectToIndex(Piwik::getLoginPluginName(), 'resetPasswordSuccess');
             return;
         } else {
             // show login page w/ error. this will keep the token in the URL

plugins/Login/Login.php

@@ -9,6 +9,7 @@
 namespace Piwik\Plugins\Login;
 
 use Exception;
+use Piwik\AuthResult;
 use Piwik\Config;
 use Piwik\Cookie;
 use Piwik\Option;
@@ -43,12 +44,11 @@ public function noAccess(Exception $exception)
         $exceptionMessage = $exception->getMessage();
 
         $controller = new Controller();
-
         echo $controller->login($exceptionMessage, '' /* $exception->getTraceAsString() */);
     }
 
     /**
-     * Set login name and autehntication token for authentication request.
+     * Set login name and authentication token for API request.
      * Listens to API.Request.authenticate hook.
      */
     public function ApiRequestAuthenticate($tokenAuth)
@@ -57,20 +57,30 @@ public function ApiRequestAuthenticate($tokenAuth)
         \Piwik\Registry::get('auth')->setTokenAuth($tokenAuth);
     }
 
+    static protected function isModuleIsAPI()
+    {
+        return Piwik::getModule() === 'API'
+                && (Piwik::getAction() == '' || Piwik::getAction() == 'index');
+    }
+
     /**
      * Initializes the authentication object.
      * Listens to Request.initAuthenticationObject hook.
      */
-    function initAuthenticationObject($allowCookieAuthentication = false)
+    function initAuthenticationObject($activateCookieAuth = false)
     {
         $auth = new Auth();
         \Piwik\Registry::set('auth', $auth);
 
-        $action = Piwik::getAction();
-        if (Piwik::getModule() === 'API'
-            && (empty($action) || $action == 'index')
-            && $allowCookieAuthentication !== true
-        ) {
+        $this->initAuthenticationFromCookie($auth, $activateCookieAuth);
+    }
+
+    /**
+     * @param $auth
+     */
+    public static function initAuthenticationFromCookie(\Piwik\Auth $auth, $activateCookieAuth)
+    {
+        if(self::isModuleIsAPI() && !$activateCookieAuth) {
             return;
         }
 

plugins/Login/templates/login.twig

@@ -151,7 +151,7 @@
                            value="{{ 'General_ChangePassword'|translate }}" tabindex="100"/>
                 </fieldset>
 
-                <input type="hidden" name="module" value="Login"/>
+                <input type="hidden" name="module" value="{{ loginModule }}"/>
                 <input type="hidden" name="action" value="resetPassword"/>
             </form>
             <p id="nav">

plugins/Overlay/API.php

@@ -114,15 +114,15 @@ private function authenticate($idSite)
          * 
          *     use Piwik\Registry;
          * 
-         *     public function initAuthenticationObject($allowCookieAuthentication)
+         *     public function initAuthenticationObject($activateCookieAuth)
          *     {
-         *         Registry::set('auth', new LDAPAuth($allowCookieAuthentication));
+         *         Registry::set('auth', new LDAPAuth($activateCookieAuth));
          *     }
          * 
-         * @param bool $allowCookieAuthentication Whether authentication based on `$_COOKIE` values should
+         * @param bool $activateCookieAuth Whether authentication based on `$_COOKIE` values should
          *                                        be allowed.
          */
-        Piwik::postEvent('Request.initAuthenticationObject', array($allowCookieAuthentication = true));
+        Piwik::postEvent('Request.initAuthenticationObject', array($activateCookieAuth = true));
 
         $auth = \Piwik\Registry::get('auth');
         $success = Access::getInstance()->reloadAccess($auth);