Commit e2a4051c authored by Timothy Andrew's avatar Timothy Andrew

Allow personal access tokens to be specified in a header.

- In addition to a param.
parent 5fb44192
......@@ -6,6 +6,7 @@ module API
SUDO_HEADER ="HTTP_SUDO"
SUDO_PARAM = :sudo
PERSONAL_ACCESS_TOKEN_PARAM = :personal_access_token
PERSONAL_ACCESS_TOKEN_HEADER = "HTTP_PERSONAL_ACCESS_TOKEN"
def find_user_by_private_token
private_token = (params[PRIVATE_TOKEN_PARAM] || env[PRIVATE_TOKEN_HEADER]).to_s
......@@ -13,10 +14,9 @@ module API
end
def find_user_by_personal_access_token
personal_access_token = PersonalAccessToken.find_by_token(params[PERSONAL_ACCESS_TOKEN_PARAM])
if personal_access_token
personal_access_token.user
end
personal_access_token_string = (params[PERSONAL_ACCESS_TOKEN_PARAM] || env[PERSONAL_ACCESS_TOKEN_HEADER]).to_s
personal_access_token = PersonalAccessToken.find_by_token(personal_access_token_string)
personal_access_token.user if personal_access_token
end
def current_user
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment