tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-29 16:55:05 +02:00
Code Issues Packages Projects Releases Wiki Activity

Api auth bearer token working

Browse Source
This commit is contained in:
Calvo 2022-12-30 16:11:49 +01:00
parent af800fa886
commit 88aed19d30
2 changed files with 33 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pandora_console/include/auth/mysql.php
View File

@ -168,6 +168,9 @@ function process_user_login_local($login, $pass, $api=false, $passAlreadyEncrypt
$row = db_get_row_sql($sql);
if ($passAlreadyEncrypted) {
$credentials_check = $pass === $row['password'];
} else {
// Perform password check whether it is MD5-hashed (old hashing) or Bcrypt-hashed.
if (strlen($row['password']) === 32) {
// MD5.
@ -176,6 +179,7 @@ function process_user_login_local($login, $pass, $api=false, $passAlreadyEncrypt
// Bcrypt.
$credentials_check = password_verify($pass, $row['password']);
}
}
if ($credentials_check === true) {
// Login OK

7
pandora_console/operation/users/user_edit.php
View File

@ -269,7 +269,8 @@ $user_id = '<div class="label_select_simple"><p class="edit_user_labels">'.__('U
$user_id .= '<span>'.$id.'</span></div>';
$user_id .= '<div class="label_select_simple"><p class="edit_user_labels">'.__('API Token').'</p>';
$user_id .= html_print_anchor(
if (is_management_allowed()) {
$user_id .= html_print_anchor(
[
'onClick' => sprintf(
'javascript:renewAPIToken(\'%s\', \'%s\', \'%s\')',
@ -288,7 +289,9 @@ $user_id .= html_print_anchor(
'class' => 'renew_api_token_link',
],
true
);
);
}
// Check php conf for header auth.
$lines = file('/etc/httpd/conf.d/php.conf');