aboutsummaryrefslogtreecommitdiff
path: root/services/api/rest.php
diff options
context:
space:
mode:
authormarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-09-25 19:54:04 +0000
committermarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-09-25 19:54:04 +0000
commit45f7ac5696d51a8cb8a538b9dded640df27128a5 (patch)
tree5118da01b2f6fc943a5596d6c2ae139ac4203003 /services/api/rest.php
parentc966ed58284071ebb1fcbe009e4047010c253fcc (diff)
downloadelgg-45f7ac5696d51a8cb8a538b9dded640df27128a5.tar.gz
elgg-45f7ac5696d51a8cb8a538b9dded640df27128a5.tar.bz2
Committing what I have at the end of the day, api still not 100%
git-svn-id: https://code.elgg.org/elgg/trunk@2138 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'services/api/rest.php')
-rw-r--r--services/api/rest.php9
1 files changed, 4 insertions, 5 deletions
diff --git a/services/api/rest.php b/services/api/rest.php
index cee7ebc43..c6632cbc7 100644
--- a/services/api/rest.php
+++ b/services/api/rest.php
@@ -29,21 +29,20 @@
throw new SecurityException(elgg_echo('SecurityException:APIAccessDenied'));
// Register some default PAM methods, plugins can add their own
- register_pam_handler('pam_auth_session');
- register_pam_handler('pam_auth_hmac');
+ register_pam_handler('pam_auth_session_or_hmac'); // Command must either be authenticated by a hmac or the user is already logged in
register_pam_handler('pam_auth_usertoken', 'required'); // Either token present and valid OR method doesn't require one.
register_pam_handler('pam_auth_anonymous_method'); // Support anonymous functions
// Get parameter variables
$method = get_input('method');
$result = null;
-
+
// Authenticate session
if (pam_authenticate())
{
// Authenticated somehow, now execute.
- $token = "";
- $params = $CONFIG->input;// Use $CONFIG->input instead of $_REQUEST since this is called by the pagehandler
+ $token = "";
+ $params = get_parameters_for_method($method); // Use $CONFIG->input instead of $_REQUEST since this is called by the pagehandler
if (isset($params['auth_token'])) $token = $params['auth_token'];
$result = execute_method($method, $params, $token);