Commit Graph

22 Commits

Author SHA1 Message Date
Isaac Connor 4f80ca6871 Use userLogin function from auth.php instead of cake code. 2018-07-11 10:33:49 -04:00
Isaac Connor f10509690b add username and passwordHash to Session so that generateAuthHash works 2018-07-11 09:54:15 -04:00
Isaac Connor 21438d17ac Fix authenticating User 2018-07-10 13:19:51 -04:00
Isaac Connor 930d929427 Merge branch 'storageareas' into api_auth 2018-07-10 12:46:30 -04:00
Isaac Connor 513708b11c don't need to define the config, it will have already been done. Include auth.php instead of functions.php as the code has been moved 2018-04-06 14:42:10 -04:00
Isaac Connor 632ab143fe error when can't set session in cake 2018-04-05 14:21:56 -04:00
Isaac Connor 150aa5be51 Merge branch 'master' into api_auth 2017-06-09 12:33:17 -04:00
Matt N 33092e4022 Allow API authentication using the `auth` query parameter containing an auth. hash. (#1845)
* Allow API authentication using the `auth` query parameter containing an auth. hash.

Fixes #1827

The same auth. hash for zms is used here. This allows consumers to use the API without sending the password in the query string and not require forging logins via the login form.

* Move logger.php's global Debug function to Logger::Debug to avoid polluting globals

This avoids a conflict with CakePHP when logger.php gets included indrectly from API code.

* Protect action=login when ZM_ENABLE_CSRF_MAGIC is enabled
2017-05-15 21:51:48 -04:00
Matthew Noorenberghe ea558c79a0 Fix check that API user is enabled 2017-03-20 17:16:24 -07:00
Isaac Connor b4aec41d3d fix warnings and move User import up higher to where it needs to be 2016-06-21 09:09:58 -04:00
Isaac Connor dbdd1ae51e remove debug logging 2016-06-07 16:26:58 -04:00
Isaac Connor f26c9168c4 if user=&pass= are in request, use them for auth 2016-06-07 16:25:35 -04:00
Isaac Connor 6cb163c37f Merge branch 'master' into api_auth 2016-06-07 16:23:50 -04:00
arjunrc 6e606aa74b removed issue # 2015-12-19 19:04:27 -05:00
arjunrc 38b4785557 PP - Gone,flitted away, Taken the starts from the night and sun, From the day! Gone, and a cloud in my heart. - Tennyson 2015-12-19 18:36:38 -05:00
arjunrc 028c9b956c check for opt_use_api, also pull in user roles support 2015-12-19 17:44:02 -05:00
Pliable Pixels a64f7c0036 Included logic to not enforce authentication in API layer if ZM_OPT_USE_AUTH is disabled
If ZM auth is off, API won't work. Changed this to make sure API disables auth if ZM disables auth
2015-08-11 14:47:49 -04:00
Pliable Pixels f7025aaa26 I was using the wrong field to check for portal authentication
Should be user.Username instead of username
2015-08-10 15:55:44 -04:00
Pliable Pixels 38799050ef APIs will be served only if user is logged into the ZM portal 2015-08-07 16:14:02 -04:00
Isaac Connor fadfc01d81 TUrn on sessions and auth 2015-06-30 11:27:33 -04:00
Ubuntu dd9603f70f Merged Angular UI branch API to master 2015-06-11 02:58:58 +00:00
Kyle Johnson f1f3de6d7d Moved the api to underneath the web directory 2014-04-29 20:41:04 +00:00