CM89 - contract changes

api/v2/authorization.php

@@ -7,7 +7,8 @@ defined($security_key) or exit;
 $user_credentials = json_decode($input,true);
 //Connect to DB
 $pdo = dbConnect($dbname);
-$username = $user_credentials['username'] ?? '';
+//User username or clientID
+$username = (isset($user_credentials['username']))? $user_credentials['username'] : (isset($user_credentials['clientID'])? $user_credentials['clientID'] : '');
 //Define Query
 $stmt = $pdo->prepare('SELECT * FROM users WHERE username = ?');
 //Excute Query
@@ -21,8 +22,8 @@ if ($stmt->rowCount() == 1) {
     $user_data = $stmt->fetch();
     $permission = userRights($user_data['view']);
     $profile = getProfile($user_data['settings'],$permission);
-    $password = $user_credentials['password'];
-
+    $password = (isset($user_credentials['password']))? $user_credentials['password'] : (isset($user_credentials['clientsecret'])? $user_credentials['clientsecret'] : '');
+ 
     if ($user_data['login_count'] < 5){
         if (array_key_exists('resetkey', $user_credentials)){
                 
@@ -51,9 +52,10 @@ if ($stmt->rowCount() == 1) {
 
                 //RETURN JWT AND CLIENTSECRET
                 $user = array(
-                    'clientID' => $user_data['id'],
+                    'clientID' => $user_data['username'],
                     'token' => $token,
-                    'clientsecret' => $user_data['userkey']
+                    'token_valid' => date('Y-m-d H:i:s',time() + 1800),
+                    'userkey' => $user_data['userkey']
                 );
 
                 //Reset login count after succesfull attempt