From ccb280703ba851265702b8a92cdedb294cc93608 Mon Sep 17 00:00:00 2001
From: Kali Kaneko <kali@leap.se>
Date: Tue, 14 Feb 2017 23:40:29 +0100
Subject: [feature] authenticate as anonymous if no token in header

and serve / banner and robots to anon users.

instead of returning 401 for all cases, I treat the unauthenticated case
as a special case, and switch the service tree apart.

this allows to serve a different resource tree to unauthenticated users.

the new URLs are registered with the mapper.
I don't really like that dependency, could be handled by twisted alone, but meh.

- Resolves: #8764
---
 docs/changelog-next.rst | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'docs')

diff --git a/docs/changelog-next.rst b/docs/changelog-next.rst
index c5430b54..9d5f6297 100644
--- a/docs/changelog-next.rst
+++ b/docs/changelog-next.rst
@@ -10,6 +10,9 @@ I've added a new category `Misc` so we can track doc/style/packaging stuff.
 
 Features
 ~~~~~~~~
+- Refactor authentication code to use twisted credential system.
+- `#8764 <https://0xacab.org/leap/soledad/issues/8764>`_: Allow unauthenticated
+  users to retrieve the capabilties banner.
 - `#1234 <https://leap.se/code/issues/1234>`_: Description of the new feature corresponding with issue #1234.
 - New feature without related issue number.
 
-- 
cgit v1.2.3