Merge pull request #79 from oetiker/patch-2

do not record login event for every tokenAuth
colymba · Jun 12, 2017 · 5833442 · 5833442
2 parents fd3c010 + 4ac0cc6
commit 5833442
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/code/authenticator/RESTfulAPI_TokenAuthenticator.php b/code/authenticator/RESTfulAPI_TokenAuthenticator.php
@@ -421,7 +421,10 @@ private function validateAPIToken($token)
         }
         //all good, log Member in
         if (is_a($tokenOwner, 'Member')) {
-            $tokenOwner->logIn();
+            # $tokenOwner->logIn();
+            # this is a login without the logging
+            $tokenOwner::session_regenerate_id();
+            Session::set("loggedInAs", $tokenOwner->ID);
         }
 
               return true;