We are no longer offering accounts on this server. Consider https://gitlab.freedesktop.org/ as a place to host projects.

Commit 32facb97 authored by Jonas Haraldsson's avatar Jonas Haraldsson

callback_url to cb

md5
parent 4f4803a2
......@@ -61,8 +61,9 @@ if (!isset($_REQUEST['api_key'])) {
displayError('Must submit a combination of parameters api_key and cb or api_key and token to proceed.');
// Web app auth step 1
} elseif (isset($_GET['api_key']) && isset($_GET['cb']) && !isset($_GET['token'])) {
} elseif (isset($_GET['api_key']) && isset($_GET['cb']) && !isset($_POST['token'])) {
$token = Server::getAuthToken();
$smarty->assign('info', 'webappauth1');
$smarty->assign('token', $token);
$smarty->assign('cb', $_GET['cb']);
$smarty->assign('api_key', $_GET['api_key']);
......@@ -83,7 +84,7 @@ if (!isset($_REQUEST['api_key'])) {
if (!$result) {
displayError('Invalid token');
}
$smarty->assign('info', 'desktopappauth1');
$smarty->assign('api_key', $_GET['api_key']);
$smarty->assign('token', $_GET['token']);
......@@ -91,7 +92,7 @@ if (!isset($_REQUEST['api_key'])) {
} elseif (isset($_POST['username'], $_POST['api_key'], $_POST['token'], $_POST['password'])) {
// Authenticate the user using the submitted password
$query = 'SELECT username FROM Users WHERE lower(username) = lower(?) AND password = ?';
$params = array($_POST['username'], $_POST['password']);
$params = array($_POST['username'], md5($_POST['password']));
try {
$result = $adodb->GetOne($query, $params);
} catch (Exception $e) {
......@@ -119,6 +120,7 @@ if (!isset($_REQUEST['api_key'])) {
// Desktop app auth step 2.2
} else {
$smarty->assign('info', 'webappauth2.2');
$smarty->assign('username', $_POST['username']);
}
}
......
......@@ -13,8 +13,8 @@
<input type="submit" value="Submit" />
<input type="hidden" name="api_key" value="{$api_key}" />
<input type="hidden" name="token" value="{$token}" />
{if $callback_url}
<input type="hidden" name="callback_url" value="{$callback_url}" />
{if $cb}
<input type="hidden" name="cb" value="{$cb}" />
{/if}
</p>
</form>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment