@anonymous-matomo-user opened this Issue on September 27th 2012

This is a revisit of this old bug - [1260]

The VisitSummary and VisitFrequency widgets don't work when using a token_auth string for authentication. The above bug allowed the Widgetize pluging to authenticate with token_auth, however some widgets make direct api calls to plugins bypassing the widgetize plugin. For example the Visit Overview widget (i.e. - [http://demo.piwik.org/index.php?module=Widgetize&action=iframe&moduleToWidgetize=VisitsSummary&actionToWidgetize=index&idSite=7&period=day&date=yesterday&disableLink=1&widget=1]), doesn't authenticate correctly for the little spark line graphs at the bottom if authenticating via token_auth. Each of these are generated via separate calls direct to the VisitsSummary module, which doesn't authenticate via the token_auth string. Also, if you add any other sparklines via the 'Metrics to Plot' box in the widget, this also makes direct calls to the module and doesn't authenticate correctly. The same can be seen with the VisitFrequency widget, when you add extra sparklines.

To fix this I added a call to "Piwik_API_Request::reloadAuthUsingTokenAuth();" as the first line of the getEvolutionGraph() function in both VisitsSummary and VisitFrequency Controller.php files. I'm not going to do a patch for this as I'm not sure if this is a recommended approach as it seems the getEvolutionGraph() function is called internally by other things - so this may introduce other problems.

@anonymous-matomo-user commented on September 27th 2012

Attachment: Actually - here's a patch - just in case it helps...
token_auth_bugfix.patch

@mattab commented on October 6th 2012 Member

I guess it would make sense to auth the graphs as well, but let's double check this patch.

@mattab commented on April 4th 2013 Member

it's working now!

This Issue was closed on April 4th 2013
Powered by GitHub Issue Mirror