blob: d5bec70ea7ea0833bd360cf8fa44a900b7d67c13 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
class ApiController < ApplicationController
skip_before_filter :verify_authenticity_token
respond_to :json
protected
#
# For now, we are going to allow cookie authentication if there is
# no "Authorization" header in the request. This is to keep backward
# compatibility with older clients. In the future, this should be
# disabled.
#
def require_login
if ActionController::HttpAuthentication::Token.token_and_options(request)
require_token
else
super
end
end
def anonymous_access_allowed?
APP_CONFIG[:allow_anonymous_certs]
end
end
|