Remove authentication using user.private_token

author: Douwe Maan <douwe@selenight.nl> 2017-10-12 12:01:12 +0300
committer: Douwe Maan <douwe@selenight.nl> 2017-11-02 13:39:02 +0300
commit: 294fa6fcdcfa7d76bc97b754d2930f3686f54997 (patch)
tree: dd2093f86c6828fa59a5a4cbd79ffda16e883382 /app/controllers/application_controller.rb
parent: c03d39df8234be7fc6c846df05e08f204e6f0456 (diff)
1 files changed, 3 insertions, 4 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 391a0519195..3be7aee69bc 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -11,7 +11,7 @@ class ApplicationController < ActionController::Base
   include EnforcesTwoFactorAuthentication
   include WithPerformanceBar
 
-  before_action :authenticate_user_from_private_token!
+  before_action :authenticate_user_from_personal_access_token!
   before_action :authenticate_user_from_rss_token!
   before_action :authenticate_user!
   before_action :validate_user_service_ticket!
@@ -100,13 +100,12 @@ class ApplicationController < ActionController::Base
     return try(:authenticated_user)
   end
 
-  # This filter handles both private tokens and personal access tokens
-  def authenticate_user_from_private_token!
+  def authenticate_user_from_personal_access_token!
     token = params[:private_token].presence || request.headers['PRIVATE-TOKEN'].presence
 
     return unless token.present?
 
-    user = User.find_by_authentication_token(token) || User.find_by_personal_access_token(token)
+    user = User.find_by_personal_access_token(token)
 
     sessionless_sign_in(user)
   end
author	Douwe Maan <douwe@selenight.nl>	2017-10-12 12:01:12 +0300
committer	Douwe Maan <douwe@selenight.nl>	2017-11-02 13:39:02 +0300
commit	294fa6fcdcfa7d76bc97b754d2930f3686f54997 (patch)
tree	dd2093f86c6828fa59a5a4cbd79ffda16e883382 /app/controllers/application_controller.rb
parent	c03d39df8234be7fc6c846df05e08f204e6f0456 (diff)