diff --git a/api/index.php b/api/index.php index 6ade0ab09..3ce16569c 100644 --- a/api/index.php +++ b/api/index.php @@ -62,17 +62,7 @@ try { break; } } catch (InvalidArgumentException $e) { - - if (Auth::getInstance()->attempt(post('username'), post('password'))) { - $result = Auth::getInstance()->getToken(); - }else{ - $result = API::error('unauthorized'); - // Se รจ in corso un brute-force, aggiunge il timeout - if (Auth::isBrute() && post('resource')=='login' ){ - $result = Auth::getBruteTimeout(); - } - } - + $result = API::error('unauthorized'); } catch (Exception $e) { $result = API::error('serverError'); } diff --git a/modules/utenti/api/create.php b/modules/utenti/api/create.php index 2cdf34920..905a134c1 100644 --- a/modules/utenti/api/create.php +++ b/modules/utenti/api/create.php @@ -3,7 +3,7 @@ switch ($resource) { case 'login': // Controllo sulle credenziali - if (Auth::getInstance()->attempt(post('username'), post('password'))) { + if (Auth::getInstance()->attempt($request['username'], $request['password'])) { $token = Auth::getInstance()->getToken(); // Informazioni da restituire tramite l'API