From 2c01cb7a0aec631ff81a52c63d79291cfeed4089 Mon Sep 17 00:00:00 2001
From: Ludovic Marcotte <lmarcotte@inverse.ca>
Date: Wed, 27 Apr 2016 16:24:49 -0400
Subject: [PATCH] (fix) ppolicy password change should now work on login page

---
 UI/MainUI/SOGoRootPage.m | 55 ++++++++++++++++++++++++++--------------
 1 file changed, 36 insertions(+), 19 deletions(-)

diff --git a/UI/MainUI/SOGoRootPage.m b/UI/MainUI/SOGoRootPage.m
index 6ca3b6215..5c27c7384 100644
--- a/UI/MainUI/SOGoRootPage.m
+++ b/UI/MainUI/SOGoRootPage.m
@@ -564,13 +564,27 @@
 	   authenticatorInContext: context];
   value = [[context request]
            cookieValueForKey: [auth cookieNameInContext: context]];
-  creds = [auth parseCredentials: value];
+  creds = nil;
 
-  [SOGoSession decodeValue: [SOGoSession valueForSessionKey: [creds objectAtIndex: 1]]
-                  usingKey: [creds objectAtIndex: 0]
-                     login: &username
-                    domain: &domain
-                  password: &password];
+  // If we are logged in
+  if (value)
+    {
+      creds = [auth parseCredentials: value];
+
+      [SOGoSession decodeValue: [SOGoSession valueForSessionKey: [creds objectAtIndex: 1]]
+                      usingKey: [creds objectAtIndex: 0]
+                         login: &username
+                        domain: &domain
+                      password: &password];
+    }
+  else
+    {
+      // We are using ppolicy, and changing the password
+      // upon login
+      username = [message objectForKey: @"userName"];
+      password = [message objectForKey: @"password"];
+      domain = nil;
+    }
 
   newPassword = [message objectForKey: @"newPassword"];
 
@@ -584,21 +598,24 @@
                             perr: &error])
     {
       // We delete the previous session
-      [SOGoSession deleteValueForSessionKey: [creds objectAtIndex: 1]]; 
-
-      if ([domain isNotNull])
+      if (creds)
         {
-          sd = [SOGoSystemDefaults sharedSystemDefaults];
-          if ([sd enableDomainBasedUID] &&
-              [username rangeOfString: @"@"].location == NSNotFound)
-            username = [NSString stringWithFormat: @"%@@%@", username, domain];
+          [SOGoSession deleteValueForSessionKey: [creds objectAtIndex: 1]]; 
+
+          if ([domain isNotNull])
+            {
+              sd = [SOGoSystemDefaults sharedSystemDefaults];
+              if ([sd enableDomainBasedUID] &&
+                  [username rangeOfString: @"@"].location == NSNotFound)
+                username = [NSString stringWithFormat: @"%@@%@", username, domain];
+            }
+          
+          response = [self responseWith204];
+          authCookie = [auth cookieWithUsername: username
+                                    andPassword: newPassword
+                                      inContext: context];
+          [response addCookie: authCookie];
         }
-      
-      response = [self responseWith204];
-      authCookie = [auth cookieWithUsername: username
-                                andPassword: newPassword
-                                  inContext: context];
-      [response addCookie: authCookie];
     }
   else
     response = [self _responseWithLDAPPolicyError: error];