<?php
/**
- * @copyright Copyright (C) 2010-2021, the Friendica project
+ * @copyright Copyright (C) 2010-2022, the Friendica project
*
* @license GNU AGPL version 3 or any later version
*
return (int)self::$current_user_id;
}
+ public static function setCurrentUserID(int $uid = null)
+ {
+ self::$current_user_id = $uid;
+ }
+
/**
* Fetch a dummy application token
*
return [];
}
- if (!empty(self::$current_token)) {
- return self::$current_token;
- }
+ //if (!empty(self::$current_token)) {
+ // return self::$current_token;
+ //}
$source = $_REQUEST['source'] ?? '';
private static function getUserIdByAuth(bool $do_login = true):int
{
$a = DI::app();
- Session::set('allow_api', false);
self::$current_user_id = 0;
// workaround for HTTP-auth in CGI mode
if (!empty($_SERVER['REDIRECT_REMOTE_USER'])) {
$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6));
- if (strlen($userpass)) {
+ if (!empty($userpass) && strpos($userpass, ':')) {
list($name, $password) = explode(':', $userpass);
$_SERVER['PHP_AUTH_USER'] = $name;
$_SERVER['PHP_AUTH_PW'] = $password;
return 0;
}
Logger::debug('Access denied', ['parameters' => $_SERVER]);
- header('WWW-Authenticate: Basic realm="Friendica"');
+ // Checking for commandline for the tests, we have to avoid to send a header
+ if (php_sapi_name() !== 'cli') {
+ header('WWW-Authenticate: Basic realm="Friendica"');
+ }
throw new UnauthorizedException("This API requires login");
}
DI::auth()->setForUser($a, $record, false, false, $login_refresh);
- Session::set('allow_api', true);
+ Hook::callAll('logged_in', $record);
- Hook::callAll('logged_in', $a->user);
+ self::$current_user_id = local_user();
- if (Session::get('allow_api')) {
- self::$current_user_id = local_user();
- } else {
- self::$current_user_id = 0;
- }
return self::$current_user_id;
}
}