diff options
Diffstat (limited to 'engine')
| -rw-r--r-- | engine/lib/api.php | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/engine/lib/api.php b/engine/lib/api.php index f32faf9d5..b60f90572 100644 --- a/engine/lib/api.php +++ b/engine/lib/api.php @@ -737,6 +737,8 @@ /** * Function that examines whether an authentication token is present returning true if it is, OR the requested * method doesn't require one. + * + * If a token is present and a validated user id is returned, that user is logged in to the current session. * * @param unknown_type $credentials */ @@ -749,6 +751,9 @@ $validated_userid = validate_user_token($CONFIG->site_id, $token); + if ($validated_userid) + login(get_entity($validated_userid)); + if ((!$METHODS[$method]["require_auth_token"]) || ($validated_userid) || (isloggedin())) return true; else |