Page 1 of 1

loginguest

Posted: Thu Dec 15, 2011 4:00 pm
by spartacus
Seems that the "loginguest" API is broken:

It requires the actual password rather than the SHA1. Is this a bug or feature?

Regards,

Re: loginguest

Posted: Thu Dec 15, 2011 5:07 pm
by madhan
It only takes plain text. Not SHA-1.

Re: loginguest

Posted: Thu Dec 15, 2011 5:44 pm
by spartacus
ok, just a documentation bug then:

loginguest

Login into the Tonido server using a valid Guest user and password. The guest user must already be created in the system in order to login.

Parameters:
userid (POST) The guest login name
password (POST) The SHA1 of the guest password


Is it because guest can't do much anyway?

Re: loginguest

Posted: Thu Dec 15, 2011 7:08 pm
by madhan
No, Tonido originally supported guest login via HTTP Auth, which can only send plain text anyway and when we added loginguest it had to match that. We have to fix the docs then.

Re: loginguest

Posted: Tue Jul 10, 2012 5:52 am
by error666
I'm glad i stumbled across this post, i've been trying to use sha1 for my passwords.

I hope that sha1 will be added again in the future (and in the meantime the documentation is updated ;)