I didn't quite like I didn't get the token as JSON.

This patch was sponsored by Tag1 Consulting .

token_service.patch1.57 KBchx
PASSED: [[SimpleTest]]: [MySQL] 1,589 pass(es).
[ View ]


chx’s picture

Title:Add a token service» Add a CSRF token service

Status:Needs review» Needs work

The last submitted patch, token_service.patch, failed testing.

chx’s picture

Status:Needs work» Needs review

Bot fluke.

ygerasimov’s picture

Status:Needs review» Fixed

I have added some changes to the patch and committed it. Main change is:

-function _services_sessions_authenticate_call() {
+function _services_sessions_authenticate_call($module, $controller) {
   global $user;
   $original_user = services_get_server_info('original_user');

-  if ($original_user->uid != 0) {
+  if ($original_user->uid != 0 && $controller['callback'] != '_user_resource_get_token') {

As in case we are calling XMLRPC server we cannot depend on url.

joachim’s picture

Could we possibly have a new release with this service? Without it, you need to know the base URL to a site, which is impossible to determine from the endpoint URL. That's a big problem for Clients module.

Status:Fixed» Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.