diff --git a/application/config/rest.php b/application/config/rest.php index af3650d87..a7bdd215f 100644 --- a/application/config/rest.php +++ b/application/config/rest.php @@ -110,7 +110,7 @@ $config['rest_realm'] = 'FHC REST API'; | authorization key | */ -$config['rest_auth'] = 'basic'; +$config['rest_auth'] = 'digest'; /* |-------------------------------------------------------------------------- @@ -145,7 +145,8 @@ $config['auth_source'] = 'library'; | */ $config['auth_library_class'] = 'fhcauth'; -$config['auth_library_function'] = 'auth'; +//$config['auth_library_function'] = 'auth'; +$config['auth_library_function'] = 'auth_digest'; /* |-------------------------------------------------------------------------- @@ -202,7 +203,7 @@ $config['auth_library_function'] = 'auth'; | Array of usernames and passwords for login, if ldap (even library) is configured this is ignored | */ -$config['rest_valid_logins'] = ['admin' => '1234', 'test' => 'test']; +//$config['rest_valid_logins'] = ['admin' => '1234', 'test' => 'test']; /* |-------------------------------------------------------------------------- diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php index c9253079c..591626c5d 100644 --- a/application/libraries/REST_Controller.php +++ b/application/libraries/REST_Controller.php @@ -528,7 +528,7 @@ abstract class REST_Controller extends CI_Controller { { $this->_allow = $this->_detect_api_key(); } - + // Only allow ajax requests if ($this->input->is_ajax_request() === FALSE && $this->config->item('rest_ajax_only')) { @@ -540,7 +540,7 @@ abstract class REST_Controller extends CI_Controller { } // When there is no specific override for the current class/method, use the default auth value set in the config - if ($this->auth_override === FALSE && !($this->config->item('rest_enable_keys') && $this->_allow === TRUE)) + if ($this->auth_override === FALSE && ($this->config->item('rest_enable_keys') && $this->_allow === TRUE)) { $rest_auth = strtolower($this->config->item('rest_auth')); switch ($rest_auth) diff --git a/include/auth_demo.class.php b/include/auth_demo.class.php index 5d91264c9..97e9a16f0 100755 --- a/include/auth_demo.class.php +++ b/include/auth_demo.class.php @@ -65,7 +65,8 @@ class authentication extends auth || $username=='gl2' || $username=='lektor1' || $username=='lektor2' - || $username=='lektor3')) + || $username=='lektor3' + || $username == 'aufname')) return true; else return false;