summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorelijah <elijah@riseup.net>2014-11-30 14:32:01 -0800
committerelijah <elijah@riseup.net>2014-11-30 14:32:01 -0800
commit564d4e787a29b50a72c086b94d3c13faf39333f5 (patch)
treea1a3340d60567dfc1337eae76b59183c8648495b
parentc3305f1c29a1a37913bfb05cd11d547e9d7f16a0 (diff)
enable cookie sessions for the API, temporarily.
-rw-r--r--app/controllers/api_controller.rb12
1 files changed, 11 insertions, 1 deletions
diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb
index 70b3cac..d5bec70 100644
--- a/app/controllers/api_controller.rb
+++ b/app/controllers/api_controller.rb
@@ -5,8 +5,18 @@ class ApiController < ApplicationController
protected
+ #
+ # For now, we are going to allow cookie authentication if there is
+ # no "Authorization" header in the request. This is to keep backward
+ # compatibility with older clients. In the future, this should be
+ # disabled.
+ #
def require_login
- require_token
+ if ActionController::HttpAuthentication::Token.token_and_options(request)
+ require_token
+ else
+ super
+ end
end
def anonymous_access_allowed?