fixes #6100 auth_gettoken now works with email address

diff --git a/engine/lib/web_services.php b/engine/lib/web_services.php
index b440e3afbc905a910e2e08e80325d5ff8fc5369a..51cad6f3927dafb4cf8e0c8ec5e0104e89d6779a 100644 (file)
--- a/engine/lib/web_services.php
+++ b/engine/lib/web_services.php
@@ -1166,6 +1166,17 @@ function list_all_apis() {
  * @access private
  */
 function auth_gettoken($username, $password) {
+       // check if username is an email address\r
+       if (is_email_address($username)) {\r
+               $users = get_user_by_email($username);\r
+                       \r
+               // check if we have a unique user\r
+               if (is_array($users) && (count($users) == 1)) {\r
+                       $username = $users[0]->username;\r
+               }\r
+       }\r
+       \r
+       // validate username and password
        if (true === elgg_authenticate($username, $password)) {
                $token = create_user_token($username);
                if ($token) {
@@ -1195,7 +1206,7 @@ $ERRORS = array();
  *
  * @return void
  * @access private
- * 
+ *
  * @throws Exception
  */
 function _php_api_error_handler($errno, $errmsg, $filename, $linenum, $vars) {