diff options
author | Douwe Maan <douwe@selenight.nl> | 2017-10-12 12:01:12 +0300 |
---|---|---|
committer | Douwe Maan <douwe@selenight.nl> | 2017-11-02 13:39:02 +0300 |
commit | 294fa6fcdcfa7d76bc97b754d2930f3686f54997 (patch) | |
tree | dd2093f86c6828fa59a5a4cbd79ffda16e883382 /app/controllers/application_controller.rb | |
parent | c03d39df8234be7fc6c846df05e08f204e6f0456 (diff) |
Remove authentication using user.private_token
Diffstat (limited to 'app/controllers/application_controller.rb')
-rw-r--r-- | app/controllers/application_controller.rb | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 391a0519195..3be7aee69bc 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -11,7 +11,7 @@ class ApplicationController < ActionController::Base include EnforcesTwoFactorAuthentication include WithPerformanceBar - before_action :authenticate_user_from_private_token! + before_action :authenticate_user_from_personal_access_token! before_action :authenticate_user_from_rss_token! before_action :authenticate_user! before_action :validate_user_service_ticket! @@ -100,13 +100,12 @@ class ApplicationController < ActionController::Base return try(:authenticated_user) end - # This filter handles both private tokens and personal access tokens - def authenticate_user_from_private_token! + def authenticate_user_from_personal_access_token! token = params[:private_token].presence || request.headers['PRIVATE-TOKEN'].presence return unless token.present? - user = User.find_by_authentication_token(token) || User.find_by_personal_access_token(token) + user = User.find_by_personal_access_token(token) sessionless_sign_in(user) end |