ZaneYork
/
zoneminder
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
zoneminder/web/api
History
Isaac Connor 84492f29b1
Fix token auth sessions (#2676) 
* If token is present do token based auth and do not do anything with session

* update HostController.  Use config constants, don't use sessions

* Remove Session from the components list

* spacing

* Remove Session from App Components list.

* Move APIEnabled check to the api from auth.php

* Rework auth.  login using username and password only occurs on login action now.  Including auth.php should not touch the session.  auth_hash logins no longer touch the session.  replace userLogin with a function called validateUser which matches the semantics of validateToken.

* remove debugging

* Add session storage if stateful query param is on, but only for LEGACY_API_AUTH

* fix mUser to username, etc.

* shuffle lines

* use  instead of session when generating auth hash.

* Add docs regarding the use of cookies and stateful query param

* Only open/close session if we are clearing a session var

* Use zm_session_start instead of session_start

* Should use zm_session_start instead of session_start

* document that zm_session_start should be called previously to session_regenerate_id

* Don't actually write out the session when generating auth hashes.  Means they should never actually persist.

* More backticking of SQL

* add .. to fix #2686

* Use material icons for sort because they look nicer

* fix typo

* have to add authhash to session on login

* restore username&password login for all urls

* fix

* fixes
 		2019-08-20 09:46:53 -04:00
..
app Fix token auth sessions (#2676) 2019-08-20 09:46:53 -04:00
lib/Cake API getVersion Fix -> Undefined variable: eTagMatches... (#2268) 2018-10-23 07:58:07 -04:00
.editorconfig Moved the api to underneath the web directory 2014-04-29 20:41:04 +00:00
CMakeLists.txt Update CMakeLists.txt 2017-05-03 12:35:54 -05:00
CONTRIBUTING.md Moved the api to underneath the web directory 2014-04-29 20:41:04 +00:00
README.md Update README.md 2015-08-21 11:29:35 +02:00
build.properties Moved the api to underneath the web directory 2014-04-29 20:41:04 +00:00
build.xml Moved the api to underneath the web directory 2014-04-29 20:41:04 +00:00
composer.json Moved the api to underneath the web directory 2014-04-29 20:41:04 +00:00
index.php Moved the api to underneath the web directory 2014-04-29 20:41:04 +00:00

README.md

ZoneMinder API

This is the ZoneMinder API. It should be, for now, installed under the webroot e.g. /api.

app/Config/database.php.default must be configured and copied to app/Config/database.php

In adition, Security.salt and Security.cipherSeed in app/Config/core.php should be changed.

The API can run on a dedicated / separate instance, so long as it can access the database as configured in app/Config/database.php