Isaac Connor
ca8770bd5a
Merge branch 'fix_rce' into storageareas
2018-10-24 10:17:16 -04:00
Isaac Connor
17a5519dd6
Include the remoteAddr in the session authhash cache, so that a change of ip won't allow the same useless auth hash. ( #2264 )
2018-10-19 13:39:37 -04:00
Isaac Connor
cbc26e0cec
cleanup trailing whitespace
2018-10-09 10:07:40 -04:00
Isaac Connor
a3d0cb42ea
Move GOOGLE RECAPCHA to includes/auth.php, clean login actions.
2018-10-09 10:05:50 -04:00
Pliable Pixels
0ff9002adf
2156 api login ( #2157 )
...
* error can be due to bad user or password
* added login/logout and related private functions
* handle case when userLogin fails, current code returns PHP error for and API throw is not called
* formatting
* converted login params to POST, removed user=&pass= for other APIs
* formatting
* add auth check back but leave out login/out
* fixes to make it work across zmN, postman and curl
* added back enabled check
2018-07-15 21:17:35 -04:00
Isaac Connor
b8691e4654
Don't need global cookies. Only open session if needed in userLogin
2018-07-11 11:45:19 -04:00
Isaac Connor
c6ded845d0
Return the user db row ifrom userLogin instead of assuming it will be accessed as a global. Add is_session_started function and use it to detect when we need to start/stop the session in generateAuthHash
2018-07-11 10:34:45 -04:00
Isaac Connor
d271d8bf1d
Fix my botched change to generateAuthHash
2018-06-25 14:50:54 -04:00
Isaac Connor
99a97543f1
Rework generateAuthHash to take a force parameter so that it can be used to generate auth hashes for zmu
2018-06-25 13:43:08 -04:00
Isaac Connor
3bb1a5b544
Whitespace
2018-04-30 13:02:53 -04:00
Isaac Connor
0b0fbae1c5
Add output of paused image when paused
2018-04-12 18:43:57 -04:00
Isaac Connor
530ac15344
remove csrf_startup
2018-04-06 14:46:33 -04:00
Isaac Connor
53ce8c008a
move auth functions into it's own file
2018-04-06 14:36:23 -04:00
Isaac Connor
7b23ef80a4
blah
2018-04-06 14:31:11 -04:00