From 31c89db246a2e4704e3d4c3784c5406fbd084bb6 Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@debian.org>
Date: Sun, 14 May 2017 14:44:43 +0100
Subject: httpauth: If REMOTE_USER is empty, behave as though it was unset

A frequently cut-and-pasted HTTP basic authentication configuration
for nginx sets it to the empty string when not authenticated, which
is not useful.
---
 IkiWiki/Plugin/httpauth.pm | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'IkiWiki')

diff --git a/IkiWiki/Plugin/httpauth.pm b/IkiWiki/Plugin/httpauth.pm
index 76d574b2a..041eaebc9 100644
--- a/IkiWiki/Plugin/httpauth.pm
+++ b/IkiWiki/Plugin/httpauth.pm
@@ -66,7 +66,7 @@ sub auth ($$) {
 	my $cgi=shift;
 	my $session=shift;
 
-	if (defined $cgi->remote_user()) {
+	if (length $cgi->remote_user()) {
 		$session->param("name", $cgi->remote_user());
 	}
 }
@@ -80,7 +80,7 @@ sub formbuilder_setup (@) {
 	my $buttons=$params{buttons};
 
 	if ($form->title eq "signin" &&
-	    ! defined $cgi->remote_user() && defined $config{cgiauthurl}) {
+	    ! length $cgi->remote_user() && defined $config{cgiauthurl}) {
 		my $button_text="Login with HTTP auth";
 		push @$buttons, $button_text;
 
@@ -97,7 +97,7 @@ sub canedit ($$$) {
 	my $cgi=shift;
 	my $session=shift;
 
-	if (! defined $cgi->remote_user() &&
+	if (! length $cgi->remote_user() &&
 	    (! defined $session->param("name") ||
              ! IkiWiki::userinfo_get($session->param("name"), "regdate")) &&
 	    defined $config{httpauth_pagespec} &&
-- 
cgit v1.2.3