Commit 307e7ffd authored by Douwe Maan's avatar Douwe Maan

Merge pull request #9083 from roshangautam/roshangautam-patch-1

Fix Resource Owner Password Authentication Flow
parents e1099f97 984f8077
...@@ -101,6 +101,7 @@ v 7.10.0 (unreleased) ...@@ -101,6 +101,7 @@ v 7.10.0 (unreleased)
- Remove truncation from issue titles on milestone page (Jason Blanchard) - Remove truncation from issue titles on milestone page (Jason Blanchard)
- Fix stuck Merge Request merging events from old installations (Ben Bodenmiller) - Fix stuck Merge Request merging events from old installations (Ben Bodenmiller)
- Fix merge request comments on files with multiple commits - Fix merge request comments on files with multiple commits
- Fix Resource Owner Password Authentication Flow
v 7.9.4 v 7.9.4
- Security: Fix project import URL regex to prevent arbitary local repos from being imported - Security: Fix project import URL regex to prevent arbitary local repos from being imported
......
...@@ -11,7 +11,7 @@ Doorkeeper.configure do ...@@ -11,7 +11,7 @@ Doorkeeper.configure do
end end
resource_owner_from_credentials do |routes| resource_owner_from_credentials do |routes|
u = User.find_by(email: params[:username]) u = User.find_by(email: params[:username]) || User.find_by(username: params[:username])
u if u && u.valid_password?(params[:password]) u if u && u.valid_password?(params[:password])
end end
...@@ -83,7 +83,7 @@ Doorkeeper.configure do ...@@ -83,7 +83,7 @@ Doorkeeper.configure do
# #
# If not specified, Doorkeeper enables all the four grant flows. # If not specified, Doorkeeper enables all the four grant flows.
# #
# grant_flows %w(authorization_code implicit password client_credentials) grant_flows %w(authorization_code password client_credentials)
# Under some circumstances you might want to have applications auto-approved, # Under some circumstances you might want to have applications auto-approved,
# so that the user skips the authorization step. # so that the user skips the authorization step.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment