From bc46f70a90a25cc3f4395c1badfec6aad351589f Mon Sep 17 00:00:00 2001 From: redmatrix Date: Thu, 21 Jul 2016 20:04:30 -0700 Subject: zat URL auth updated to match changes to the atoken_login interface --- include/auth.php | 12 ++++++++++-- include/channel.php | 3 ++- 2 files changed, 12 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/auth.php b/include/auth.php index f8120981a..f3592cee3 100644 --- a/include/auth.php +++ b/include/auth.php @@ -16,16 +16,24 @@ require_once('include/security.php'); /** * @brief Verify login credentials. * - * If system authlog is set a log entry will be added for failed login + * If system.authlog is set a log entry will be added for failed login * attempts. * - * @param string $email + * @param string $login * The login to verify (channel address, account email or guest login token). * @param string $pass * The provided password to verify. * @return array|null * Returns account record on success, null on failure. + * The return array is dependent on the login mechanism. + * $ret['account'] will be set if either an email or channel address validation was successful (local login). + * $ret['channel'] will be set if a channel address validation was successful. + * $ret['xchan'] will be set if a guest access token validation was successful. + * Keys will exist for invalid return arrays but will be set to null. + * This function does not perform a login. It merely validates systems passwords and tokens. + * */ + function account_verify_password($login, $pass) { $ret = [ 'account' => null, 'channel' => null, 'xchan' => null ]; diff --git a/include/channel.php b/include/channel.php index 708e70b1c..a5233743d 100644 --- a/include/channel.php +++ b/include/channel.php @@ -1371,7 +1371,8 @@ function zat_init() { dbesc($_REQUEST['zat']) ); if($r) { - atoken_login($r[0]); + $xchan = atoken_xchan($r[0]); + atoken_login($xchan); } } -- cgit v1.2.3