aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authormarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-09-22 20:42:20 +0000
committermarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-09-22 20:42:20 +0000
commit0a017d37174296abd5a1a34284eaf9313b32ecf4 (patch)
tree07545fa9d696925998e8491fe6202a7aa409432c
parent4bdfbe72be718a36db2280ab3fa32388f4d5ff34 (diff)
downloadelgg-0a017d37174296abd5a1a34284eaf9313b32ecf4.tar.gz
elgg-0a017d37174296abd5a1a34284eaf9313b32ecf4.tar.bz2
API improvement. Authentication via token now logs user in for that session.
git-svn-id: https://code.elgg.org/elgg/trunk@2103 36083f99-b078-4883-b0ff-0f9b5a30f544
-rw-r--r--engine/lib/api.php5
1 files changed, 5 insertions, 0 deletions
diff --git a/engine/lib/api.php b/engine/lib/api.php
index f32faf9d5..b60f90572 100644
--- a/engine/lib/api.php
+++ b/engine/lib/api.php
@@ -737,6 +737,8 @@
/**
* Function that examines whether an authentication token is present returning true if it is, OR the requested
* method doesn't require one.
+ *
+ * If a token is present and a validated user id is returned, that user is logged in to the current session.
*
* @param unknown_type $credentials
*/
@@ -749,6 +751,9 @@
$validated_userid = validate_user_token($CONFIG->site_id, $token);
+ if ($validated_userid)
+ login(get_entity($validated_userid));
+
if ((!$METHODS[$method]["require_auth_token"]) || ($validated_userid) || (isloggedin()))
return true;
else