my $login = $::form->{'{AUTH}login'} || $::auth->get_session_value('login');
return $self->_error(%param) if !defined $login;
+ my $client_id = $::form->{'{AUTH}client_id'} || $::auth->get_session_value('client_id');
+ return $self->_error(%param) if !$client_id || !$::auth->set_client($client_id);
+
%::myconfig = $::auth->read_user(login => $login);
return $self->_error(%param) unless $::myconfig{login};
$::locale = Locale->new($::myconfig{countrycode});
$::request->{layout} = SL::Layout::Dispatcher->new(style => $::myconfig{menustyle});
- my $ok = $::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, $::form->{'{AUTH}password'}));
+ my $ok = $::auth->is_api_token_cookie_valid;
+ $ok ||= $::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, $::form->{'{AUTH}password'}));
$ok ||= !$::form->{'{AUTH}login'} && (SL::Auth::OK() == $::auth->authenticate($::myconfig{login}, undef));
return $self->_error(%param) if !$ok;