do not record login event for every tokenAuth

doing a full login is an expensive process in silverstripe ... so if we go for token auth, let's have some performance benefit as well .. for single record ops this can give us 300% more performance.
colymba · Jun 12, 2017 · 4ac0cc6 · 4ac0cc6
1 parent fd3c010
commit 4ac0cc6
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/code/authenticator/RESTfulAPI_TokenAuthenticator.php b/code/authenticator/RESTfulAPI_TokenAuthenticator.php
@@ -421,7 +421,10 @@ private function validateAPIToken($token)
         }
         //all good, log Member in
         if (is_a($tokenOwner, 'Member')) {
-            $tokenOwner->logIn();
+            # $tokenOwner->logIn();
+            # this is a login without the logging
+            $tokenOwner::session_regenerate_id();
+            Session::set("loggedInAs", $tokenOwner->ID);
         }
 
               return true;