From 85aefbf42d18f58be1d8536722d368fa971444cf Mon Sep 17 00:00:00 2001
From: nuxsmin <nuxsmin@syspass.org>
Date: Thu, 23 Feb 2017 11:43:44 +0100
Subject: [PATCH] * [MOD] Improved API auth security. There is no need to
 provide the user's password, it will ask for a token password when generating
 it.

---
 inc/SP/Mgmt/ApiTokens/ApiToken.class.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/inc/SP/Mgmt/ApiTokens/ApiToken.class.php b/inc/SP/Mgmt/ApiTokens/ApiToken.class.php
index 718fcf4b..9c920449 100644
--- a/inc/SP/Mgmt/ApiTokens/ApiToken.class.php
+++ b/inc/SP/Mgmt/ApiTokens/ApiToken.class.php
@@ -383,8 +383,7 @@ class ApiToken extends ApiTokenBase implements ItemInterface
     {
         $query = /** @lang SQL */
             'SELECT authtoken_userId,
-            authtoken_key,
-            authtoken_pass,
+            authtoken_vault,
             authtoken_hash 
             FROM authTokens
             WHERE authtoken_actionId = ?