From 6b3e14281cab40982c6d05ed0856c0447601a3b9 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Fri, 30 Sep 2016 12:01:52 +0200 Subject: api/user/create_apikey: Directly log in with username/pw Signed-off-by: Florian Pritz --- application/controllers/api/v1/user.php | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'application/controllers/api') diff --git a/application/controllers/api/v1/user.php b/application/controllers/api/v1/user.php index e96a6c6fb..38247d02c 100644 --- a/application/controllers/api/v1/user.php +++ b/application/controllers/api/v1/user.php @@ -24,7 +24,16 @@ class user extends \controllers\api\api_controller { public function create_apikey() { + $username = $this->input->post("username"); + $password = $this->input->post("password"); + if ($username && $password) { + if (!$this->muser->login($username, $password)) { + throw new \exceptions\NotAuthenticatedException("user/login-failed", "Login failed"); + } + } + $this->muser->require_access("full"); + $userid = $this->muser->get_userid(); $comment = $this->input->post("comment"); $comment = $comment === false ? "" : $comment; -- cgit v1.2.3-24-g4f1b