From d8f387938c41e6b105e402d27b5d0e7e94d01502 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 19 Apr 2021 14:30:09 +0200 Subject: [PATCH] Try to use 2 different names for operation --- htdocs/api/class/api_login.class.php | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/htdocs/api/class/api_login.class.php b/htdocs/api/class/api_login.class.php index 5209cc51157..df5b9945a76 100644 --- a/htdocs/api/class/api_login.class.php +++ b/htdocs/api/class/api_login.class.php @@ -52,6 +52,28 @@ class Login * @throws RestException 500 System error * * @url GET / + */ + public function loginUnsecured($login, $password, $entity = '', $reset = 0) + { + return $this->index($login, $password, $entity, $reset); + } + + /** + * Login + * + * Request the API token for a couple username / password. + * Using method POST is recommanded for security reasons (method GET is often logged by default by web servers with parameters so with login and pass into server log file). + * Both methods are provided for developer conveniance. Best is to not use at all the login API method and enter directly the "DOLAPIKEY" into field at the top right of page. Note: The API token (DOLAPIKEY) can be found/set on the user page. + * + * @param string $login User login + * @param string $password User password + * @param string $entity Entity (when multicompany module is used). '' means 1=first company. + * @param int $reset Reset token (0=get current token, 1=ask a new token and canceled old token. This means access using current existing API token of user will fails: new token will be required for new access) + * @return array Response status and user token + * + * @throws RestException 403 Access denied + * @throws RestException 500 System error + * * @url POST / */ public function index($login, $password, $entity = '', $reset = 0)