Isaac Connor
caa8adae5e
fix when gets loaded.
2018-07-24 10:40:18 -04:00
Isaac Connor
8c35d4d1b0
Populate a global from the session on every request. Use the object instead of using allowedMonitors in session.
2018-07-24 10:32:37 -04:00
Pliable Pixels
997aa6aa55
fixed getCredentials not working if called directly
2018-07-17 13:57:20 -04:00
Pliable Pixels
0ff9002adf
2156 api login ( #2157 )
...
* error can be due to bad user or password
* added login/logout and related private functions
* handle case when userLogin fails, current code returns PHP error for and API throw is not called
* formatting
* converted login params to POST, removed user=&pass= for other APIs
* formatting
* add auth check back but leave out login/out
* fixes to make it work across zmN, postman and curl
* added back enabled check
2018-07-15 21:17:35 -04:00
Isaac Connor
fe5ebe094d
More work just using auth.php instead of cake code. Don't reload the User object
2018-07-11 11:45:49 -04:00
Isaac Connor
4f80ca6871
Use userLogin function from auth.php instead of cake code.
2018-07-11 10:33:49 -04:00
Isaac Connor
f10509690b
add username and passwordHash to Session so that generateAuthHash works
2018-07-11 09:54:15 -04:00
Isaac Connor
21438d17ac
Fix authenticating User
2018-07-10 13:19:51 -04:00
Isaac Connor
930d929427
Merge branch 'storageareas' into api_auth
2018-07-10 12:46:30 -04:00
Isaac Connor
513708b11c
don't need to define the config, it will have already been done. Include auth.php instead of functions.php as the code has been moved
2018-04-06 14:42:10 -04:00
Isaac Connor
632ab143fe
error when can't set session in cake
2018-04-05 14:21:56 -04:00
Isaac Connor
150aa5be51
Merge branch 'master' into api_auth
2017-06-09 12:33:17 -04:00
Matt N
33092e4022
Allow API authentication using the `auth` query parameter containing an auth. hash. ( #1845 )
...
* Allow API authentication using the `auth` query parameter containing an auth. hash.
Fixes #1827
The same auth. hash for zms is used here. This allows consumers to use the API without sending the password in the query string and not require forging logins via the login form.
* Move logger.php's global Debug function to Logger::Debug to avoid polluting globals
This avoids a conflict with CakePHP when logger.php gets included indrectly from API code.
* Protect action=login when ZM_ENABLE_CSRF_MAGIC is enabled
2017-05-15 21:51:48 -04:00
Matthew Noorenberghe
ea558c79a0
Fix check that API user is enabled
2017-03-20 17:16:24 -07:00
Isaac Connor
b4aec41d3d
fix warnings and move User import up higher to where it needs to be
2016-06-21 09:09:58 -04:00
Isaac Connor
dbdd1ae51e
remove debug logging
2016-06-07 16:26:58 -04:00
Isaac Connor
f26c9168c4
if user=&pass= are in request, use them for auth
2016-06-07 16:25:35 -04:00
Isaac Connor
6cb163c37f
Merge branch 'master' into api_auth
2016-06-07 16:23:50 -04:00
arjunrc
6e606aa74b
removed issue #
2015-12-19 19:04:27 -05:00
arjunrc
38b4785557
PP - Gone,flitted away, Taken the starts from the night and sun, From the day! Gone, and a cloud in my heart. - Tennyson
2015-12-19 18:36:38 -05:00
arjunrc
028c9b956c
check for opt_use_api, also pull in user roles support
2015-12-19 17:44:02 -05:00
Pliable Pixels
a64f7c0036
Included logic to not enforce authentication in API layer if ZM_OPT_USE_AUTH is disabled
...
If ZM auth is off, API won't work. Changed this to make sure API disables auth if ZM disables auth
2015-08-11 14:47:49 -04:00
Pliable Pixels
f7025aaa26
I was using the wrong field to check for portal authentication
...
Should be user.Username instead of username
2015-08-10 15:55:44 -04:00
Pliable Pixels
38799050ef
APIs will be served only if user is logged into the ZM portal
2015-08-07 16:14:02 -04:00
Isaac Connor
fadfc01d81
TUrn on sessions and auth
2015-06-30 11:27:33 -04:00
Ubuntu
dd9603f70f
Merged Angular UI branch API to master
2015-06-11 02:58:58 +00:00
Kyle Johnson
f1f3de6d7d
Moved the api to underneath the web directory
2014-04-29 20:41:04 +00:00