From 322053c827418130f3e7201f246ab7e188542a00 Mon Sep 17 00:00:00 2001 From: Ultra2D Date: Mon, 7 Mar 2016 14:07:51 +0100 Subject: [PATCH] API access when using LDAP authentication --- html/includes/api_functions.inc.php | 5 ++++- html/includes/authentication/ldap.inc.php | 4 +++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/html/includes/api_functions.inc.php b/html/includes/api_functions.inc.php index 8db6f28a4e..5bc471304e 100644 --- a/html/includes/api_functions.inc.php +++ b/html/includes/api_functions.inc.php @@ -15,12 +15,15 @@ require_once '../includes/functions.php'; require_once '../includes/component.php'; require_once '../includes/device-groups.inc.php'; +if (file_exists('../html/includes/authentication/'.$config['auth_mechanism'].'.inc.php')) { + include '../html/includes/authentication/'.$config['auth_mechanism'].'.inc.php'; +} function authToken(\Slim\Route $route) { $app = \Slim\Slim::getInstance(); $token = $app->request->headers->get('X-Auth-Token'); if (isset($token) && !empty($token)) { - $username = dbFetchCell('SELECT `U`.`username` FROM `api_tokens` AS AT JOIN `users` AS U ON `AT`.`user_id`=`U`.`user_id` WHERE `AT`.`token_hash`=?', array($token)); + $username = get_user(dbFetchCell('SELECT `AT`.`user_id` FROM `api_tokens` AS AT WHERE `AT`.`token_hash`=?', array($token))); if (!empty($username)) { $authenticated = true; } diff --git a/html/includes/authentication/ldap.inc.php b/html/includes/authentication/ldap.inc.php index f9cc37b211..a9679072fd 100644 --- a/html/includes/authentication/ldap.inc.php +++ b/html/includes/authentication/ldap.inc.php @@ -189,7 +189,9 @@ function can_update_users() { function get_user($user_id) { - // not supported + foreach (get_userlist() as $users) { + if ($users['user_id'] === $user_id) return $users['username']; + } return 0; }