I try to make an auto login.
But when I post username & password in this URL http://xibo.sample/index.php?q=login, I have an error like “expirated form”.
I see there is a token.
Is it possible to desactivate this token or is there any solution to consider ?
The username and password should never be stored once they are entered just the once for login. Auto-login usually functions similar to a “remember me” script where the user has logged in manually once and from then onwards a stored nonce is used to authenticate them. Not something Xibo supports at the moment, but something that could be done with a little thought.
If you must do what you suggest then I would do so by providing a new method “autoLogin” which didn’t check the form token… but really don’t do this