From 564d4e787a29b50a72c086b94d3c13faf39333f5 Mon Sep 17 00:00:00 2001 From: elijah Date: Sun, 30 Nov 2014 14:32:01 -0800 Subject: enable cookie sessions for the API, temporarily. --- app/controllers/api_controller.rb | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb index 70b3cac..d5bec70 100644 --- a/app/controllers/api_controller.rb +++ b/app/controllers/api_controller.rb @@ -5,8 +5,18 @@ class ApiController < ApplicationController protected + # + # For now, we are going to allow cookie authentication if there is + # no "Authorization" header in the request. This is to keep backward + # compatibility with older clients. In the future, this should be + # disabled. + # def require_login - require_token + if ActionController::HttpAuthentication::Token.token_and_options(request) + require_token + else + super + end end def anonymous_access_allowed? -- cgit v1.2.3