Enable app-specific password authentication for API login

2019-07-22 07:56:36 -04:00
parent 8cdc0172e7
commit cd257dc7e8
2 changed files with 17 additions and 9 deletions
--- a/include/api.php
+++ b/include/api.php
@@ -236,7 +236,7 @@ function api_login(App $a)
 	if ($addon_auth['authenticated'] && count($addon_auth['user_record'])) {
 		$record = $addon_auth['user_record'];
 	} else {
-		$user_id = User::authenticate(trim($user), trim($password));
+		$user_id = User::authenticate(trim($user), trim($password), true);
 		if ($user_id !== false) {
 			$record = DBA::selectFirst('user', [], ['uid' => $user_id]);
 		}