event for determining if an action is a login action

diff --git a/EVENTS.txt b/EVENTS.txt
index 908188cd2335b9c207aa4fb89d65c4b67abf0ad0..7db35a2a2544905c45fed9de7f5a77165aff1305 100644 (file)
--- a/EVENTS.txt
+++ b/EVENTS.txt
@@ -142,3 +142,6 @@ SensitiveAction: determines if an action is 'sensitive' and should use SSL
 - $action: name of the action, like 'login'
 - $sensitive: flag for whether this is a sensitive action
 
+LoginAction: determines if an action is a 'login' action (OK for public view in private mode)
+- $action: name of the action, like 'register'
+- $login: flag for whether this is a login action

diff --git a/index.php b/index.php
index a73983b5956f3545540dde949b333b4c83180ebf..372a8536ecb9144369e7a2b837d925dac25253d5 100644 (file)
--- a/index.php
+++ b/index.php
@@ -105,6 +105,20 @@ function checkMirror($action_obj)
     }
 }
 
+function isLoginAction($action)
+{
+    static $loginActions =  array('login', 'openidlogin', 'finishopenidlogin',
+                                  'recoverpassword', 'api', 'doc', 'register');
+
+    $login = null;
+
+    if (Event::handle('LoginAction', array($action, &$login))) {
+        $login = in_array($action, $loginActions);
+    }
+
+    return $login;
+}
+
 function main()
 {
     // quick check for fancy URL auto-detection support in installer.
@@ -164,8 +178,7 @@ function main()
     // parts of the site, redirect to login
 
     if (!$user && common_config('site', 'private') &&
-        !in_array($action, array('login', 'openidlogin', 'finishopenidlogin',
-                                 'recoverpassword', 'api', 'doc', 'register')) &&
+        !isLoginAction($action) &&
         !preg_match('/rss$/', $action)) {
         common_redirect(common_local_url('login'));
         return;