2 files changed, 11 insertions, 20 deletions

diff --git a/modules/gallery/controllers/admin.php b/modules/gallery/controllers/admin.php
index 40dd260b..8effe28f 100644
--- a/modules/gallery/controllers/admin.php
+++ b/modules/gallery/controllers/admin.php
@@ -38,7 +38,8 @@ class Admin_Controller extends Controller {
       return self::_reauth_check();
     }
     if (auth::must_reauth_for_admin_area()) {
-      return self::_prompt_for_reauth($controller_name, $args);
+      print self::_prompt_for_reauth($controller_name, $args);
+      return;
     }
 
     if (request::method() == "post") {
@@ -86,7 +87,13 @@ class Admin_Controller extends Controller {
       // Avoid anti-phishing protection by passing the url as session variable.
       Session::instance()->set("continue_url", url::abs_current(true));
     }
-    url::redirect("reauthenticate");
+
+    // Check that we we not in a dialog. If we are, then use an ajax response.
+    if (strpos(Router::$query_string, "g-in-dialog") === false) {
+      url::redirect("reauthenticate");
+    } else {
+      return reauthenticate::get_authenticate_form();
+    }
   }
 }
 
diff --git a/modules/gallery/controllers/reauthenticate.php b/modules/gallery/controllers/reauthenticate.php
index acb27f6a..9ddaff2e 100644
--- a/modules/gallery/controllers/reauthenticate.php
+++ b/modules/gallery/controllers/reauthenticate.php
@@ -22,7 +22,7 @@ class Reauthenticate_Controller extends Controller {
     if (!identity::active_user()->admin) {
       access::forbidden();
     }
-    return self::_show_form(self::_form());
+    return self::_show_form(reauthenticate::get_authenticate_form());
   }
 
   public function auth() {
@@ -31,7 +31,7 @@ class Reauthenticate_Controller extends Controller {
     }
     access::verify_csrf();
 
-    $form = self::_form();
+    $form = reauthenticate::get_authenticate_form();
     $valid = $form->validate();
     $user = identity::active_user();
     if ($valid) {
@@ -54,20 +54,4 @@ class Reauthenticate_Controller extends Controller {
     $view->content->user_name = identity::active_user()->name;
     print $view;
   }
-
-  private static function _form() {
-    $form = new Forge("reauthenticate/auth", "", "post", array("id" => "g-reauthenticate-form"));
-    $form->set_attr('class', "g-narrow");
-    $form->hidden("continue_url")->value(Session::instance()->get("continue_url", "admin"));
-    $group = $form->group("reauthenticate")->label(t("Re-authenticate"));
-    $group->password("password")->label(t("Password"))->id("g-password")->class(null)
-      ->callback("auth::validate_too_many_failed_auth_attempts")
-      ->callback("user::valid_password")
-      ->error_messages("invalid_password", t("Incorrect password"))
-      ->error_messages(
-        "too_many_failed_auth_attempts",
-        t("Too many incorrect passwords.  Try again later"));
-    $group->submit("")->value(t("Submit"));
-    return $form;
-  }
 }