App specific token_auths (#15410)

* some initial work

* add security page

* backing up some code

* more functionality

* adjust more UI parts

* adjust more code

* more tweaks

* add todo note

* few tweaks

* make sure date is in right format

* fix not existing column

* few fixes

* available hashes

* use different hash algo so tests run on php 5

* fix name of aglorithm

* trying to fix some tests

* another try to fix some tests

* more fixes

* more fixes

* few fixes

* update template

* fix some tests

* fix test

* fixing some tests

* various test fixes

* more fixes

* few more tests

* more tests

* various tweaks

* add translations

* add some ui tests

* fix selector

* tweaks

* trying to fix some ui tests

* fallback to regular authentication if needed

* fix call authenticate on null

* fix user settings

* fix some tests

* few fixes

* fix more ui tests

* update schema

* Update plugins/CoreHome/angularjs/widget-loader/widgetloader.directive.js

Co-Authored-By: Stefan Giehl <stefan@matomo.org>

* fix maps are not showing data

* trying to fix some tests

* set correct token

* trying to fix tracking failure

* minor tweaks and fixes

* fix more tests

* fix screenshot test

* trigger event so brute force logic is executed

* test no fallback to actual authentication

* allow fallback

* apply review feedback

* fix some tests

* fix tests

* make sure location values from query params are limited properly before attempting a db insert

* make sure plugin uninstall migration reloads plugins, make sure 4.0.0-b1 migration removes unique index that is no longer used, use defaults extra file in SqlDump to get test to run on travis

* Fix UI tests.

* update expected screenshot

Co-authored-by: Stefan Giehl <stefan@matomo.org>
Co-authored-by: diosmosis <diosmosis@users.noreply.github.com>

2 files changed, 4 insertions, 1 deletions

diff --git a/plugins/CoreHome/angularjs/common/services/piwik-api.js b/plugins/CoreHome/angularjs/common/services/piwik-api.js
index e2195f7ff1..e34ca41593 100644
--- a/plugins/CoreHome/angularjs/common/services/piwik-api.js
+++ b/plugins/CoreHome/angularjs/common/services/piwik-api.js
@@ -49,6 +49,7 @@ var hasBlockedContent = false;
         function withTokenInUrl()
         {
             postParams['token_auth'] = piwik.token_auth;
+            postParams['force_api_session'] = '1';
         }
 
         function isRequestToApiMethod() {
@@ -191,6 +192,7 @@ var hasBlockedContent = false;
         function getPostParams (params) {
             if (isRequestToApiMethod() || piwik.shouldPropagateTokenAuth) {
                 params.token_auth = piwik.token_auth;
+                params.force_api_session = '1';
             }
 
             return params;
@@ -276,6 +278,7 @@ var hasBlockedContent = false;
             if (_postParams_) {
                 if (postParams && postParams.token_auth && !_postParams_.token_auth) {
                     _postParams_.token_auth = postParams.token_auth;
+                    _postParams_.force_api_session = '1';
                 }
                 postParams = _postParams_;
             }
diff --git a/plugins/CoreHome/angularjs/common/services/piwik-api.spec.js b/plugins/CoreHome/angularjs/common/services/piwik-api.spec.js
index e33fa329e2..916c5b73e1 100644
--- a/plugins/CoreHome/angularjs/common/services/piwik-api.spec.js
+++ b/plugins/CoreHome/angularjs/common/services/piwik-api.spec.js
@@ -218,7 +218,7 @@
             ]).then(function (response) {
                 var restOfExpected = "index.php?method=API.getBulkRequest&module=API&format=JSON2&idSite=1&period=day&date= - "
                     + "urls%5B%5D=%3Fmethod%3DSomePlugin.action%26param%3Dvalue&urls%5B%5D=%3Fmethod%3DSomeOtherPlugin.action"
-                    + "&token_auth=100bf5eeeed1468f3f9d93750044d3dd";
+                    + "&token_auth=100bf5eeeed1468f3f9d93750044d3dd&force_api_session=1";
 
                 expect(response.length).to.equal(2);
                 expect(response[0]).to.equal("Response #1: " + restOfExpected);