harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

allow channel login to the api, just like with the cloud

Browse Source
This commit is contained in:
friendica 2014-08-10 19:53:26 -07:00
parent 24db2e4468
commit b12e40a4e8
1 changed files with 24 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
include/api.php
View File

@ -119,16 +119,36 @@ require_once('include/items.php');
// process normal login request // process normal login request
require_once('include/auth.php'); require_once('include/auth.php');
$channel_login = 0;
$record = account_verify_password($_SERVER['PHP_AUTH_USER'],$_SERVER['PHP_AUTH_PW']); $record = account_verify_password($_SERVER['PHP_AUTH_USER'],$_SERVER['PHP_AUTH_PW']);
if(! $record) {
$r = q("select * from channel where channel_address = '%s' limit 1",
dbesc($_SERVER['PHP_AUTH_USER'])
);
if ($r) {
$x = q("select * from account where account_id = %d limit 1",
intval($r[0]['channel_account_id'])
);
if ($x) {
$record = account_verify_password($x[0]['account_email'],$_SERVER['PHP_AUTH_PW']);
if($record)
$channel_login = $r[0]['channel_id'];
}
}
if(! $record) { if(! $record) {
logger('API_login failure: ' . print_r($_SERVER,true), LOGGER_DEBUG); logger('API_login failure: ' . print_r($_SERVER,true), LOGGER_DEBUG);
header('WWW-Authenticate: Basic realm="Red"'); header('WWW-Authenticate: Basic realm="Red"');
header('HTTP/1.0 401 Unauthorized'); header('HTTP/1.0 401 Unauthorized');
die('This api requires login'); die('This api requires login');
} }
}
require_once('include/security.php'); require_once('include/security.php');
authenticate_success($record); authenticate_success($record);
if($channel_login)
change_channel($channel_login);
$_SESSION['allow_api'] = true; $_SESSION['allow_api'] = true;
} }