Commit Graph

14 Commits

Author SHA1 Message Date
Isaac Connor ca8770bd5a Merge branch 'fix_rce' into storageareas 2018-10-24 10:17:16 -04:00
Isaac Connor 17a5519dd6
Include the remoteAddr in the session authhash cache, so that a change of ip won't allow the same useless auth hash. (#2264) 2018-10-19 13:39:37 -04:00
Isaac Connor cbc26e0cec cleanup trailing whitespace 2018-10-09 10:07:40 -04:00
Isaac Connor a3d0cb42ea Move GOOGLE RECAPCHA to includes/auth.php, clean login actions. 2018-10-09 10:05:50 -04:00
Pliable Pixels 0ff9002adf 2156 api login (#2157)
* error can be due to bad user or password

* added login/logout and related private functions

* handle case when userLogin fails, current code returns PHP error for  and API throw is not called

* formatting

* converted login params to POST, removed user=&pass= for other APIs

* formatting

* add auth check back but leave out login/out

* fixes to make it work across zmN, postman and curl

* added back enabled check
2018-07-15 21:17:35 -04:00
Isaac Connor b8691e4654 Don't need global cookies. Only open session if needed in userLogin 2018-07-11 11:45:19 -04:00
Isaac Connor c6ded845d0 Return the user db row ifrom userLogin instead of assuming it will be accessed as a global. Add is_session_started function and use it to detect when we need to start/stop the session in generateAuthHash 2018-07-11 10:34:45 -04:00
Isaac Connor d271d8bf1d Fix my botched change to generateAuthHash 2018-06-25 14:50:54 -04:00
Isaac Connor 99a97543f1 Rework generateAuthHash to take a force parameter so that it can be used to generate auth hashes for zmu 2018-06-25 13:43:08 -04:00
Isaac Connor 3bb1a5b544 Whitespace 2018-04-30 13:02:53 -04:00
Isaac Connor 0b0fbae1c5 Add output of paused image when paused 2018-04-12 18:43:57 -04:00
Isaac Connor 530ac15344 remove csrf_startup 2018-04-06 14:46:33 -04:00
Isaac Connor 53ce8c008a move auth functions into it's own file 2018-04-06 14:36:23 -04:00
Isaac Connor 7b23ef80a4 blah 2018-04-06 14:31:11 -04:00