Merge branch 'dev' into 320-template

author: Marien Fressinaud <dev@marienfressinaud.fr> 2014-05-13 21:03:32 +0200
committer: Marien Fressinaud <dev@marienfressinaud.fr> 2014-05-13 21:03:32 +0200
commit: a86a51cca69b7256d3a8dcf1c68447b6d5abe917 (patch)
tree: b461e144d54656fb3c2c95aee96d6303cf6fa12c /app/Controllers/usersController.php
parent: 88fa624a02d0346c2eb9173b1e9a02fc38b56d50 (diff)
parent: e763cd407a57e4829c2b6ffbddb164e5676670d7 (diff)
1 files changed, 19 insertions, 1 deletions
diff --git a/app/Controllers/usersController.php b/app/Controllers/usersController.php
index bb4f34c5e..fa967cedc 100644
--- a/app/Controllers/usersController.php
+++ b/app/Controllers/usersController.php
@@ -32,6 +32,18 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 			}
 			Minz_Session::_param('passwordHash', $this->view->conf->passwordHash);
 
+			$passwordPlain = Minz_Request::param('apiPasswordPlain', false);
+			if ($passwordPlain != '') {
+				if (!function_exists('password_hash')) {
+					include_once(LIB_PATH . '/password_compat.php');
+				}
+				$passwordHash = password_hash($passwordPlain, PASSWORD_BCRYPT, array('cost' => self::BCRYPT_COST));
+				$passwordPlain = '';
+				$passwordHash = preg_replace('/^\$2[xy]\$/', '\$2a\$', $passwordHash);	//Compatibility with bcrypt.js
+				$ok &= ($passwordHash != '');
+				$this->view->conf->_apiPasswordHash($passwordHash);
+			}
+
 			if (Minz_Configuration::isAdmin(Minz_Session::param('currentUser', '_'))) {
 				$this->view->conf->_mail_login(Minz_Request::param('mail_login', false));
 			}
@@ -57,13 +69,19 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 				$anon_refresh = Minz_Request::param('anon_refresh', false);
 				$anon_refresh = ((bool)$anon_refresh) && ($anon_refresh !== 'no');
 				$auth_type = Minz_Request::param('auth_type', 'none');
+				$unsafe_autologin = Minz_Request::param('unsafe_autologin', false);
+				$api_enabled = Minz_Request::param('api_enabled', false);
 				if ($anon != Minz_Configuration::allowAnonymous() ||
 					$auth_type != Minz_Configuration::authType() ||
-					$anon_refresh != Minz_Configuration::allowAnonymousRefresh()) {
+					$anon_refresh != Minz_Configuration::allowAnonymousRefresh() ||
+					$unsafe_autologin != Minz_Configuration::unsafeAutologinEnabled() ||
+					$api_enabled != Minz_Configuration::apiEnabled()) {
 
 					Minz_Configuration::_authType($auth_type);
 					Minz_Configuration::_allowAnonymous($anon);
 					Minz_Configuration::_allowAnonymousRefresh($anon_refresh);
+					Minz_Configuration::_enableAutologin($unsafe_autologin);
+					Minz_Configuration::_enableApi($api_enabled);
 					$ok &= Minz_Configuration::writeFile();
 				}
 			}
author	Marien Fressinaud <dev@marienfressinaud.fr>	2014-05-13 21:03:32 +0200
committer	Marien Fressinaud <dev@marienfressinaud.fr>	2014-05-13 21:03:32 +0200
commit	a86a51cca69b7256d3a8dcf1c68447b6d5abe917 (patch)
tree	b461e144d54656fb3c2c95aee96d6303cf6fa12c /app/Controllers/usersController.php
parent	88fa624a02d0346c2eb9173b1e9a02fc38b56d50 (diff)
parent	e763cd407a57e4829c2b6ffbddb164e5676670d7 (diff)