New token= query for JWT

Pliable Pixels 2019-05-07 15:03:13 -04:00
parent 37f915ec0f
commit 0bbc582971
1 changed files with 13 additions and 5 deletions


@ -73,19 +73,27 @@ class AppController extends Controller {
$mUser = $this->request->query('user') ? $this->request->query('user') : $this->request->data('user'); $mUser = $this->request->query('user') ? $this->request->query('user') : $this->request->data('user');
$mPassword = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass'); $mPassword = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass');
$mAuth = $this->request->query('auth') ? $this->request->query('auth') : $this->request->data('auth'); $mToken = $this->request->query('token') ? $this->request->query('token') : $this->request->data('token');
if ( $mUser and $mPassword ) { if ( $mUser and $mPassword ) {
$user = userLogin($mUser, $mPassword); $user = userLogin($mUser, $mPassword, true);
if ( !$user ) { if ( !$user ) {
throw new UnauthorizedException(__('User not found or incorrect password')); throw new UnauthorizedException(__('User not found or incorrect password'));
return; return;
} }
} else if ( $mAuth ) { } else if ( $mToken ) {
$user = getAuthUser($mAuth); $ret = validateToken($mToken);
$user = $ret[0];
$retstatus = $ret[1];
if ( !$user ) { if ( !$user ) {
throw new UnauthorizedException(__('Invalid Auth Key')); throw new UnauthorizedException(__($retstatus));
return; return;
} else if ( $mAuth ) {
$user = getAuthUser($mAuth);
if ( !$user ) {
throw new UnauthorizedException(__('Invalid Auth Key'));
return;
}
} }
} }
// We need to reject methods that are not authenticated // We need to reject methods that are not authenticated
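Review bot: The `auth=` key login looks unreachable on the new side: the `$mAuth` assignment is replaced by the `$mToken` one rather than kept beside it, and `} else if ( $mAuth ) {` now hangs off `if ( !$user )` inside the token branch instead of the outer `if ( $mUser and $mPassword )` chain. As rendered, `getAuthUser()` would run only after a token has already validated, and `$mAuth` is never set in the visible lines, so a request carrying only `auth=` would skip every login branch here. Keep `$mAuth = $this->request->query('auth') ? $this->request->query('auth') : $this->request->data('auth');` next to the `$mToken` line and close the `!$user` block before `} else if ( $mAuth ) {`. Separately, `__($retstatus)` hands the validator's status text to an unauthenticated caller; a fixed message such as `__('Invalid token')`, with the detail logged server-side, would reveal less about why a token was rejected. The enclosing method starts and ends outside this hunk and the page has lost its indentation, so the nesting above is read from brace order alone.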