From c5cbd04b5e41006310417179ac99b28e0e91aa5b Mon Sep 17 00:00:00 2001
From: Henning Leutz <leutz@pcsg.de>
Date: Sun, 7 Feb 2016 12:31:42 +0100
Subject: [PATCH] browser call -> auth

---
 bin/cron.php | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/bin/cron.php b/bin/cron.php
index c627bd0..a9fc947 100644
--- a/bin/cron.php
+++ b/bin/cron.php
@@ -12,6 +12,29 @@ use \Symfony\Component\HttpFoundation\Response;
 $Cron     = new QUI\Cron\Manager();
 $Response = QUI::getGlobalResponse();
 
+
+try {
+    if (!QUI::getUserBySession()->getId()
+        && isset($_GET['username'])
+        && isset($_GET['password'])
+        && isset($_GET['login'])
+    ) {
+        $User = QUI::getUsers()->login(
+            $_GET['username'],
+            $_GET['password']
+        );
+
+        if ($User->getId()) {
+            QUI::getSession()->set('uid', $User->getId());
+
+            QUI\Rights\Permission::setUser($User);
+        }
+    }
+} catch (QUI\Exception $Exception) {
+    $Response->setStatusCode(Response::HTTP_FORBIDDEN);
+    $Response->send();
+}
+
 try {
     $Cron->execute();
 
-- 
GitLab