mirror of
https://github.com/ZoneMinder/zoneminder.git
synced 2026-02-05 20:11:08 -05:00
84492f29b1
* If token is present do token based auth and do not do anything with session * update HostController. Use config constants, don't use sessions * Remove Session from the components list * spacing * Remove Session from App Components list. * Move APIEnabled check to the api from auth.php * Rework auth. login using username and password only occurs on login action now. Including auth.php should not touch the session. auth_hash logins no longer touch the session. replace userLogin with a function called validateUser which matches the semantics of validateToken. * remove debugging * Add session storage if stateful query param is on, but only for LEGACY_API_AUTH * fix mUser to username, etc. * shuffle lines * use instead of session when generating auth hash. * Add docs regarding the use of cookies and stateful query param * Only open/close session if we are clearing a session var * Use zm_session_start instead of session_start * Should use zm_session_start instead of session_start * document that zm_session_start should be called previously to session_regenerate_id * Don't actually write out the session when generating auth hashes. Means they should never actually persist. * More backticking of SQL * add .. to fix #2686 * Use material icons for sort because they look nicer * fix typo * have to add authhash to session on login * restore username&password login for all urls * fix * fixes
ZoneMinder API
This is the ZoneMinder API. It should be, for now, installed under the webroot e.g. /api.
app/Config/database.php.default must be configured and copied to app/Config/database.php
In adition, Security.salt and Security.cipherSeed in app/Config/core.php should be changed.
The API can run on a dedicated / separate instance, so long as it can access the database as configured in app/Config/database.php