Commit 4f502704 authored by Lin Jen-Shin's avatar Lin Jen-Shin

Add another TODO that we need to verify identity better

parent 6cfd0282
...@@ -87,6 +87,8 @@ module Gitlab ...@@ -87,6 +87,8 @@ module Gitlab
end end
# Find the first matched user in database from email From: section # Find the first matched user in database from email From: section
# TODO: Since this address could be forged, we should have some kind of
# auth token attached somewhere to verify the identity better.
def message_sender def message_sender
@message_sender ||= message.from.find do |email| @message_sender ||= message.from.find do |email|
user = User.find_by_any_email(email) user = User.find_by_any_email(email)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment