Implement users tokens

2 files changed, 8 insertions, 1 deletions

diff --git a/src/org/traccar/api/resource/SessionResource.java b/src/org/traccar/api/resource/SessionResource.java
index a61738c7e..6c5263123 100644
--- a/src/org/traccar/api/resource/SessionResource.java
+++ b/src/org/traccar/api/resource/SessionResource.java
@@ -69,6 +69,12 @@ public class SessionResource extends BaseResource {
                     userId = user.getId();
                     request.getSession().setAttribute(USER_ID_KEY, userId);
                 }
+            } else if (request.getParameter("token") != null) {
+                User user = Context.getPermissionsManager().getUserByToken(request.getParameter("token"));
+                if (user != null) {
+                    userId = user.getId();
+                    request.getSession().setAttribute(USER_ID_KEY, userId);
+                }
             }
         }
 
diff --git a/src/org/traccar/api/resource/UserResource.java b/src/org/traccar/api/resource/UserResource.java
index c6e84c918..094de2812 100644
--- a/src/org/traccar/api/resource/UserResource.java
+++ b/src/org/traccar/api/resource/UserResource.java
@@ -66,7 +66,8 @@ public class UserResource extends BaseResource {
                 || old.getAdmin() != entity.getAdmin()
                 || old.getReadonly() != entity.getReadonly()
                 || old.getDisabled() != entity.getDisabled()
-                || old.getDeviceLimit() != entity.getDeviceLimit()) {
+                || old.getDeviceLimit() != entity.getDeviceLimit()
+                || !old.getToken().equals(entity.getToken())) {
             Context.getPermissionsManager().checkAdmin(getUserId());
         } else {
             Context.getPermissionsManager().checkUser(getUserId(), entity.getId());