From 6b3e14281cab40982c6d05ed0856c0447601a3b9 Mon Sep 17 00:00:00 2001
From: Florian Pritz <bluewind@xinu.at>
Date: Fri, 30 Sep 2016 12:01:52 +0200
Subject: api/user/create_apikey: Directly log in with username/pw

Signed-off-by: Florian Pritz <bluewind@xinu.at>
---
 application/controllers/api/v1/user.php | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/application/controllers/api/v1/user.php b/application/controllers/api/v1/user.php
index e96a6c6fb..38247d02c 100644
--- a/application/controllers/api/v1/user.php
+++ b/application/controllers/api/v1/user.php
@@ -24,7 +24,16 @@ class user extends \controllers\api\api_controller {
 
 	public function create_apikey()
 	{
+		$username = $this->input->post("username");
+		$password = $this->input->post("password");
+		if ($username && $password) {
+			if (!$this->muser->login($username, $password)) {
+				throw new \exceptions\NotAuthenticatedException("user/login-failed", "Login failed");
+			}
+		}
+
 		$this->muser->require_access("full");
+
 		$userid = $this->muser->get_userid();
 		$comment = $this->input->post("comment");
 		$comment = $comment === false ? "" : $comment;
-- 
cgit v1.2.3-24-g4f1b