Commit 5fb44192 authored by Timothy Andrew's avatar Timothy Andrew

Allow personal access tokens to be used for API authentication.

parent e8314ccc
...@@ -5,10 +5,22 @@ module API ...@@ -5,10 +5,22 @@ module API
PRIVATE_TOKEN_PARAM = :private_token PRIVATE_TOKEN_PARAM = :private_token
SUDO_HEADER ="HTTP_SUDO" SUDO_HEADER ="HTTP_SUDO"
SUDO_PARAM = :sudo SUDO_PARAM = :sudo
PERSONAL_ACCESS_TOKEN_PARAM = :personal_access_token
def current_user def find_user_by_private_token
private_token = (params[PRIVATE_TOKEN_PARAM] || env[PRIVATE_TOKEN_HEADER]).to_s private_token = (params[PRIVATE_TOKEN_PARAM] || env[PRIVATE_TOKEN_HEADER]).to_s
@current_user ||= (User.find_by(authentication_token: private_token) || doorkeeper_guard) User.find_by_authentication_token(private_token)
end
def find_user_by_personal_access_token
personal_access_token = PersonalAccessToken.find_by_token(params[PERSONAL_ACCESS_TOKEN_PARAM])
if personal_access_token
personal_access_token.user
end
end
def current_user
@current_user ||= (find_user_by_private_token || find_user_by_personal_access_token || doorkeeper_guard)
unless @current_user && Gitlab::UserAccess.allowed?(@current_user) unless @current_user && Gitlab::UserAccess.allowed?(@current_user)
return nil return nil
......
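Review bot: In `find_user_by_personal_access_token` the lookup runs even when no `personal_access_token` parameter was sent, so `PersonalAccessToken.find_by_token(nil)` is evaluated for every request that falls through from the private-token check; if the token column can hold NULL (the schema is not visible here), such a request would resolve to that record's user. Guard the lookup first, e.g. `token_string = params[PERSONAL_ACCESS_TOKEN_PARAM].to_s` followed by `return nil if token_string.empty?`. The method also returns `personal_access_token.user` with no visible revocation or expiry check, so unless `find_by_token` already scopes to active tokens, that check should be added before the user is returned. Unlike the private token, the new token is read only from request parameters, which tend to be recorded in access logs; accepting it from a request header as well would avoid that. The body of `current_user` continues past the end of the hunk.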