• Helmut Hummel's avatar
    Allow SOAP endpoint to authenticate via session · a2d12007
    Helmut Hummel authored
    Since we call the SOAP endpoint for certain actions
    of an authenticated user on extensions.typo3.org
    (like registering ext keys) and we do not know
    the password at this point any more,
    we now include the session id in the SOAP request,
    so that TYPO3 will login this user before the SOAP
    endpoint is triggered.
    In the endpoint, we can then just check if a user is
    already logged in and whether the username given
    matches the username of the logged in user.