} # if SpotTiming::stop('auth'); /* * And check if the security groups need updating */ if (!$currentSession['security']->securityValid()) { throw new SecurityNotUpgradedException(); } # if # User session has been loaded, let's translate the categories if ($currentSession['user']['prefs']['user_language'] != 'en_US') { SpotTranslation::initialize($currentSession['user']['prefs']['user_language']); } # if SpotCategories::startTranslation(); /* * Let the form handler know what userid we are using so * we can make the CSRF cookie be user-bounded */ $req->setUserId($currentSession['user']['userid']); /* * Only now it is safe to check wether the user is actually alowed * to authenticate with an API key */ if ($req->doesExist('apikey')) { /* * To use the Spotweb API we need the actual permission */ $currentSession['security']->fatalPermCheck(SpotSecurity::spotsec_consume_api, ''); /*